511c6fe9fb8542d9d1e0d6b58f8f8df230f56373e7edb5e02cd651698b0b2b63 | Triage

Sharing

General

Target

511c6fe9fb8542d9d1e0d6b58f8f8df230f56373e7edb5e02cd651698b0b2b63
Size

654KB
Sample

221123-zxw51aea63
MD5

5cafcabc8d5c1d896f6cce30a37d09d0
SHA1

4622348bc5afd2c6a698fcce93ec12724d1e90f8
SHA256

511c6fe9fb8542d9d1e0d6b58f8f8df230f56373e7edb5e02cd651698b0b2b63
SHA512

f722acc012b6c73a616a1c8bbcb38cfa6f4d4adbf3d482ad7d5dfa7b58754f06a6ead88bd0413c4694a63f71135afa1de98da0afabfa0d91b42000c6642dd04e
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  511c6fe9fb8542d9d1e0d6b58f8f8df230f56373e7edb5e02cd651698b0b2b63
- Size
  
  654KB
- MD5
  
  5cafcabc8d5c1d896f6cce30a37d09d0
- SHA1
  
  4622348bc5afd2c6a698fcce93ec12724d1e90f8
- SHA256
  
  511c6fe9fb8542d9d1e0d6b58f8f8df230f56373e7edb5e02cd651698b0b2b63
- SHA512
  
  f722acc012b6c73a616a1c8bbcb38cfa6f4d4adbf3d482ad7d5dfa7b58754f06a6ead88bd0413c4694a63f71135afa1de98da0afabfa0d91b42000c6642dd04e
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2