db1f1cbd8825e5d8bc9a18826fbe128974ab8aadd4c24c7066e185f14456a0ee | Triage

Sharing

General

Target

db1f1cbd8825e5d8bc9a18826fbe128974ab8aadd4c24c7066e185f14456a0ee
Size

702KB
Sample

221123-zwqa3aha5s
MD5

4345d9b5049c7cf2ea2d35564debeec0
SHA1

8e640ec8cd2274fdeab6b29285039ed4f283f9e7
SHA256

db1f1cbd8825e5d8bc9a18826fbe128974ab8aadd4c24c7066e185f14456a0ee
SHA512

7f50d4e53e672415db93200f9e203f31242baca7adb9680827e2550e0dbe5bb078a996f25f9ae8c1096861fced7039edca01c0f04b0e8c2023db35af9daa0fc8
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  db1f1cbd8825e5d8bc9a18826fbe128974ab8aadd4c24c7066e185f14456a0ee
- Size
  
  702KB
- MD5
  
  4345d9b5049c7cf2ea2d35564debeec0
- SHA1
  
  8e640ec8cd2274fdeab6b29285039ed4f283f9e7
- SHA256
  
  db1f1cbd8825e5d8bc9a18826fbe128974ab8aadd4c24c7066e185f14456a0ee
- SHA512
  
  7f50d4e53e672415db93200f9e203f31242baca7adb9680827e2550e0dbe5bb078a996f25f9ae8c1096861fced7039edca01c0f04b0e8c2023db35af9daa0fc8
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2