c4be9debb1f5f618d6ec5f00e6618a7c1a1c497c8b5f0dc6d66f68a3d7ee0223 | Triage

Sharing

General

Target

c4be9debb1f5f618d6ec5f00e6618a7c1a1c497c8b5f0dc6d66f68a3d7ee0223
Size

224KB
Sample

221030-hwsyhshfem
MD5

a33f88abd0d90bfeed53661dac881980
SHA1

d5ecb325e2a6155188bb75e597b047d46cb579f1
SHA256

c4be9debb1f5f618d6ec5f00e6618a7c1a1c497c8b5f0dc6d66f68a3d7ee0223
SHA512

1901b158378afcb5d3e32ab79462fb9b4f5c82792c45d9174e688fbb8250dc83f7343b6ff2b583203159a8fa1e3482512379ee6315d6eff0657f8451eebd2033
SSDEEP

3072:G5+K2YtsgAhCjG8G3GbGVGBGfGuGxGWYcrf6KadE:G5v2Y6lAYcD6Kad

Score

8^/10

Malware Config

Targets

- Target
  
  c4be9debb1f5f618d6ec5f00e6618a7c1a1c497c8b5f0dc6d66f68a3d7ee0223
- Size
  
  224KB
- MD5
  
  a33f88abd0d90bfeed53661dac881980
- SHA1
  
  d5ecb325e2a6155188bb75e597b047d46cb579f1
- SHA256
  
  c4be9debb1f5f618d6ec5f00e6618a7c1a1c497c8b5f0dc6d66f68a3d7ee0223
- SHA512
  
  1901b158378afcb5d3e32ab79462fb9b4f5c82792c45d9174e688fbb8250dc83f7343b6ff2b583203159a8fa1e3482512379ee6315d6eff0657f8451eebd2033
- SSDEEP
  
  3072:G5+K2YtsgAhCjG8G3GbGVGBGfGuGxGWYcrf6KadE:G5v2Y6lAYcD6Kad
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2