603eb2a38b8787dfea085ffec4880027b11b42434a63449461a96ecfb01079cc | Triage

Sharing

General

Target

603eb2a38b8787dfea085ffec4880027b11b42434a63449461a96ecfb01079cc
Size

1.8MB
Sample

221123-rg47nsgf39
MD5

638c3aa984b07bd0e505aa7234730c89
SHA1

c1e8f9a2f66bb1211e7002e4ffe7e9615aa7beb8
SHA256

603eb2a38b8787dfea085ffec4880027b11b42434a63449461a96ecfb01079cc
SHA512

7655c701c8b4c428350a4ba795835328aa9079e189744adddb48cfe33e51e12e669a59dd1a151f33933e1df8decebda93e0fa759a99cafd547a4a339de754f81
SSDEEP

24576:zblFntFE3KQBJ6vw8sCD3XrtB2/UM/ibQ0pkbQcpeSSUPDb1bai65pzvcZKYcf:z3tFEhywKntB0GTwo2PDbFLQpOwf

Score

8^/10

Malware Config

Targets

- Target
  
  603eb2a38b8787dfea085ffec4880027b11b42434a63449461a96ecfb01079cc
- Size
  
  1.8MB
- MD5
  
  638c3aa984b07bd0e505aa7234730c89
- SHA1
  
  c1e8f9a2f66bb1211e7002e4ffe7e9615aa7beb8
- SHA256
  
  603eb2a38b8787dfea085ffec4880027b11b42434a63449461a96ecfb01079cc
- SHA512
  
  7655c701c8b4c428350a4ba795835328aa9079e189744adddb48cfe33e51e12e669a59dd1a151f33933e1df8decebda93e0fa759a99cafd547a4a339de754f81
- SSDEEP
  
  24576:zblFntFE3KQBJ6vw8sCD3XrtB2/UM/ibQ0pkbQcpeSSUPDb1bai65pzvcZKYcf:z3tFEhywKntB0GTwo2PDbFLQpOwf
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2