a4160313562563fe02a2c7ad5860e6be274785271359322697218e2c1fd97461 | Triage

Sharing

General

Target

a4160313562563fe02a2c7ad5860e6be274785271359322697218e2c1fd97461
Size

232KB
Sample

221102-gcg68saddj
MD5

aa001872e37dfa8d0f00bef6ad4e73c7
SHA1

879418032f98d1fce502472a97d7d21c840388c5
SHA256

a4160313562563fe02a2c7ad5860e6be274785271359322697218e2c1fd97461
SHA512

444bcdb29f6b67f4f4bac55f655d395002e6149c577bde5208e950979a78fd3aa7464d188d034c6ef8e9f6abdfdd80de46b55a8059d4c4ae30184f6e89414646
SSDEEP

6144:KME1nmg1tDbJ5621YNAUvAXiXdee4Q/flRX9MJy1W3NLqpMgK:LgnJqLXdee4GvX9XQdLmA

Score

8^/10

Malware Config

Targets

- Target
  
  a4160313562563fe02a2c7ad5860e6be274785271359322697218e2c1fd97461
- Size
  
  232KB
- MD5
  
  aa001872e37dfa8d0f00bef6ad4e73c7
- SHA1
  
  879418032f98d1fce502472a97d7d21c840388c5
- SHA256
  
  a4160313562563fe02a2c7ad5860e6be274785271359322697218e2c1fd97461
- SHA512
  
  444bcdb29f6b67f4f4bac55f655d395002e6149c577bde5208e950979a78fd3aa7464d188d034c6ef8e9f6abdfdd80de46b55a8059d4c4ae30184f6e89414646
- SSDEEP
  
  6144:KME1nmg1tDbJ5621YNAUvAXiXdee4Q/flRX9MJy1W3NLqpMgK:LgnJqLXdee4GvX9XQdLmA
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2