563b26bc372d1c871924c160256213a33e7baa4036fc3f140924d2d140bd8e9e | Triage

Sharing

General

Target

563b26bc372d1c871924c160256213a33e7baa4036fc3f140924d2d140bd8e9e
Size

681KB
Sample

221123-zxkf7sea52
MD5

43f848f66c1e8da2e45a86f0372cdde0
SHA1

c8a6bf91e77dd6da6c9c95b8610dafd72c07da1e
SHA256

563b26bc372d1c871924c160256213a33e7baa4036fc3f140924d2d140bd8e9e
SHA512

5587a0b15f7be60ceae6218e785c0e857f1cb8cb9b398818206fd6d9f9ec5f7438747a9177b905dd26c914792cdaeffaa0ca84e24b6502d62b963c47816fb9e1
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  563b26bc372d1c871924c160256213a33e7baa4036fc3f140924d2d140bd8e9e
- Size
  
  681KB
- MD5
  
  43f848f66c1e8da2e45a86f0372cdde0
- SHA1
  
  c8a6bf91e77dd6da6c9c95b8610dafd72c07da1e
- SHA256
  
  563b26bc372d1c871924c160256213a33e7baa4036fc3f140924d2d140bd8e9e
- SHA512
  
  5587a0b15f7be60ceae6218e785c0e857f1cb8cb9b398818206fd6d9f9ec5f7438747a9177b905dd26c914792cdaeffaa0ca84e24b6502d62b963c47816fb9e1
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2