0e4186cb4d4ca05b128dab491efc9987026f34bd2d1e9168fd03702132bba29d | Triage

Sharing

General

Target

0e4186cb4d4ca05b128dab491efc9987026f34bd2d1e9168fd03702132bba29d
Size

41KB
Sample

221123-l2dmkacg92
MD5

a956d85b9765c9eb1ae2d7f9e1aceaf9
SHA1

9275f655f73d3ea0e6d5e507ef060b1dcdbea6f8
SHA256

0e4186cb4d4ca05b128dab491efc9987026f34bd2d1e9168fd03702132bba29d
SHA512

aabc9c8f5606b3ae958019bd8aa387ac7ad81bb92e437c28a442a914a40f59e6eefafdbaf0424eea219521d23d5f9249833883779554a490125a996d33e4ce87
SSDEEP

768:QIBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnmoNE/W5dRV8:pW1ZIZqI9opm6AIHIjzmUHNzd

Score

8^/10

Malware Config

Targets

- Target
  
  0e4186cb4d4ca05b128dab491efc9987026f34bd2d1e9168fd03702132bba29d
- Size
  
  41KB
- MD5
  
  a956d85b9765c9eb1ae2d7f9e1aceaf9
- SHA1
  
  9275f655f73d3ea0e6d5e507ef060b1dcdbea6f8
- SHA256
  
  0e4186cb4d4ca05b128dab491efc9987026f34bd2d1e9168fd03702132bba29d
- SHA512
  
  aabc9c8f5606b3ae958019bd8aa387ac7ad81bb92e437c28a442a914a40f59e6eefafdbaf0424eea219521d23d5f9249833883779554a490125a996d33e4ce87
- SSDEEP
  
  768:QIBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnmoNE/W5dRV8:pW1ZIZqI9opm6AIHIjzmUHNzd
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2