ec4f6cd877dc06ceb6f51d95a9a90ef9ae50636d76ee6a655f58ad9e633ebe08 | Triage

Sharing

General

Target

ec4f6cd877dc06ceb6f51d95a9a90ef9ae50636d76ee6a655f58ad9e633ebe08
Size

20KB
Sample

221123-ltzvtsfg2w
MD5

fbb4afddbd6dcdcd5e3bb622ff8922d7
SHA1

56a15933006719219f8bdc7f8c65fcfb5305b482
SHA256

ec4f6cd877dc06ceb6f51d95a9a90ef9ae50636d76ee6a655f58ad9e633ebe08
SHA512

5dae535edf4e6c58cfcf9b0a79cb7b1374056bdd8601d7559bc77c82ba067eb33519fa58d50e9a38851545b9b835c4778272483da6732127eebd0167ba074964
SSDEEP

192:TVTtwNpAGWTawIcJkjBRP1oyn7MU859xdto9KZjzy:4PWxIcyL1hd8TPto9KJzy

Score

8^/10

Malware Config

Targets

- Target
  
  ec4f6cd877dc06ceb6f51d95a9a90ef9ae50636d76ee6a655f58ad9e633ebe08
- Size
  
  20KB
- MD5
  
  fbb4afddbd6dcdcd5e3bb622ff8922d7
- SHA1
  
  56a15933006719219f8bdc7f8c65fcfb5305b482
- SHA256
  
  ec4f6cd877dc06ceb6f51d95a9a90ef9ae50636d76ee6a655f58ad9e633ebe08
- SHA512
  
  5dae535edf4e6c58cfcf9b0a79cb7b1374056bdd8601d7559bc77c82ba067eb33519fa58d50e9a38851545b9b835c4778272483da6732127eebd0167ba074964
- SSDEEP
  
  192:TVTtwNpAGWTawIcJkjBRP1oyn7MU859xdto9KZjzy:4PWxIcyL1hd8TPto9KJzy
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2