d4e863509154d3cfe36f69bea3cdfbd4a73724e62143ef8d3c6df526a20823bf | Triage

Sharing

General

Target

d4e863509154d3cfe36f69bea3cdfbd4a73724e62143ef8d3c6df526a20823bf
Size

1.2MB
Sample

221123-zv82saha21
MD5

449fd486f060b19e179e958462b355c0
SHA1

4c56c0907f6114d90f2091890cf746d48acebc83
SHA256

d4e863509154d3cfe36f69bea3cdfbd4a73724e62143ef8d3c6df526a20823bf
SHA512

60bbaa1e2fef864e542c589784fd07c8ad83f1ab3509d6ba2a805b1db6d39ae52f19b0f0f9d75e58666bacdccecb220f589a51142c9236c09267ddd342a09370
SSDEEP

24576:W8xrwVpiNi6kH52YLZSUkFXccdQEHzO/gPjoRku0W:W8x0aNnkHoYLZSrMcGEHz2PV0W

Score

8^/10

Malware Config

Targets

- Target
  
  d4e863509154d3cfe36f69bea3cdfbd4a73724e62143ef8d3c6df526a20823bf
- Size
  
  1.2MB
- MD5
  
  449fd486f060b19e179e958462b355c0
- SHA1
  
  4c56c0907f6114d90f2091890cf746d48acebc83
- SHA256
  
  d4e863509154d3cfe36f69bea3cdfbd4a73724e62143ef8d3c6df526a20823bf
- SHA512
  
  60bbaa1e2fef864e542c589784fd07c8ad83f1ab3509d6ba2a805b1db6d39ae52f19b0f0f9d75e58666bacdccecb220f589a51142c9236c09267ddd342a09370
- SSDEEP
  
  24576:W8xrwVpiNi6kH52YLZSUkFXccdQEHzO/gPjoRku0W:W8x0aNnkHoYLZSrMcGEHz2PV0W
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2