61c4e65176386163906d4d10edf60cec5f14bca17ca335160d515a7c64fafe00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61c4e65176386163906d4d10edf60cec5f14bca17ca335160d515a7c64fafe00
Size

3.5MB
Sample

221025-w6ncnsddhr
MD5

1fd2f8b9255045ba8eaea551fe4a58b6
SHA1

2f3b0c7d63378656301c2f1dd4119e10e17ddc5d
SHA256

61c4e65176386163906d4d10edf60cec5f14bca17ca335160d515a7c64fafe00
SHA512

94de1a1c5a466c0af3ca933766392dd72c86b5656dbb1229b850cb72d70d1011369d0bae1ae96063fed175bcb3b0cfbcabf94fa0e54ab236ecb953592dc3f587
SSDEEP

98304:e6lNywKViRya5PH8qS39E65ZFqd2lXgU32wK/W+kIMwW:LlNyw/Ea5DOt5ZmrUEJT5W

Score

8^/10

Malware Config

Targets

- Target
  
  61c4e65176386163906d4d10edf60cec5f14bca17ca335160d515a7c64fafe00
- Size
  
  3.5MB
- MD5
  
  1fd2f8b9255045ba8eaea551fe4a58b6
- SHA1
  
  2f3b0c7d63378656301c2f1dd4119e10e17ddc5d
- SHA256
  
  61c4e65176386163906d4d10edf60cec5f14bca17ca335160d515a7c64fafe00
- SHA512
  
  94de1a1c5a466c0af3ca933766392dd72c86b5656dbb1229b850cb72d70d1011369d0bae1ae96063fed175bcb3b0cfbcabf94fa0e54ab236ecb953592dc3f587
- SSDEEP
  
  98304:e6lNywKViRya5PH8qS39E65ZFqd2lXgU32wK/W+kIMwW:LlNyw/Ea5DOt5ZmrUEJT5W
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2