de4e9d939c6a753595e48a34871968522f26c6b13861b31e90e495c85816f6c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de4e9d939c6a753595e48a34871968522f26c6b13861b31e90e495c85816f6c4
Size

1.2MB
Sample

221107-gwbhssbgc9
MD5

0c3014f9b302f8524c1a394efc353fe6
SHA1

67eb14d69badd1d91702ab0616ca55fac21139dc
SHA256

de4e9d939c6a753595e48a34871968522f26c6b13861b31e90e495c85816f6c4
SHA512

1d599e75c1871ed2d147b05e7cbaa96e929b35268793cd8eb5c9039d14baa7df4243e35e29b34eed96771affc1be4f1938e4f9bd55eded508a2f6dd38f35f82a
SSDEEP

24576:Ri2Dv7gosohG20JaB7SNWa6StffOSqICV+GKTMiaIH1qMQk:MCb9SL60ql+3H8k

Score

8^/10

Malware Config

Targets

- Target
  
  de4e9d939c6a753595e48a34871968522f26c6b13861b31e90e495c85816f6c4
- Size
  
  1.2MB
- MD5
  
  0c3014f9b302f8524c1a394efc353fe6
- SHA1
  
  67eb14d69badd1d91702ab0616ca55fac21139dc
- SHA256
  
  de4e9d939c6a753595e48a34871968522f26c6b13861b31e90e495c85816f6c4
- SHA512
  
  1d599e75c1871ed2d147b05e7cbaa96e929b35268793cd8eb5c9039d14baa7df4243e35e29b34eed96771affc1be4f1938e4f9bd55eded508a2f6dd38f35f82a
- SSDEEP
  
  24576:Ri2Dv7gosohG20JaB7SNWa6StffOSqICV+GKTMiaIH1qMQk:MCb9SL60ql+3H8k
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2