dd4f14b596b044ba0c77ae4c269d2b09fcd8a4469672afbced9dd0fa7dd0f27c | Triage

Sharing

General

Target

dd4f14b596b044ba0c77ae4c269d2b09fcd8a4469672afbced9dd0fa7dd0f27c
Size

190KB
Sample

221123-m4kpbsah7w
MD5

f9746df8518ba64696a8c4172cd65447
SHA1

1d1565830bc94aeebf116932cc762e44c4a075f7
SHA256

dd4f14b596b044ba0c77ae4c269d2b09fcd8a4469672afbced9dd0fa7dd0f27c
SHA512

5267cf1a5bd930f8edc01009f065080225e91574b0a8f195e5cd8fd2c7a50225dd5a642a8c1a63d005d7dd7e5087ae358129fe6ac88c109fdf6ae6a020a9eca9
SSDEEP

3072:zMEMvxdknmg1tDbuLB+5xGT21JqaEvNTydL0eFqMtTUmRHDyCTkT3N9Q6fGcfLeo:zME1nmg1tDbJ5621YNw4eFqOAmJDyCTS

Score

8^/10

Malware Config

Targets

- Target
  
  dd4f14b596b044ba0c77ae4c269d2b09fcd8a4469672afbced9dd0fa7dd0f27c
- Size
  
  190KB
- MD5
  
  f9746df8518ba64696a8c4172cd65447
- SHA1
  
  1d1565830bc94aeebf116932cc762e44c4a075f7
- SHA256
  
  dd4f14b596b044ba0c77ae4c269d2b09fcd8a4469672afbced9dd0fa7dd0f27c
- SHA512
  
  5267cf1a5bd930f8edc01009f065080225e91574b0a8f195e5cd8fd2c7a50225dd5a642a8c1a63d005d7dd7e5087ae358129fe6ac88c109fdf6ae6a020a9eca9
- SSDEEP
  
  3072:zMEMvxdknmg1tDbuLB+5xGT21JqaEvNTydL0eFqMtTUmRHDyCTkT3N9Q6fGcfLeo:zME1nmg1tDbJ5621YNw4eFqOAmJDyCTS
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2