4e846cce13981b1f641c1f7a531ab77b3e766c40bef4a3e7b61ad317a57ac397 | Triage

Sharing

General

Target

4e846cce13981b1f641c1f7a531ab77b3e766c40bef4a3e7b61ad317a57ac397
Size

600KB
Sample

221123-zxyc3aea64
MD5

5b2702749a8c1bc203a90300a219e130
SHA1

00f1c95d22795503769d918d65f8ef51f987be0e
SHA256

4e846cce13981b1f641c1f7a531ab77b3e766c40bef4a3e7b61ad317a57ac397
SHA512

08f9e09d6ec9640b13c5800293cd9a996c8826af5234b18006e2ad1a137588ffba3c8eaf0348161a887efb767f6742b62e05df44b19880526c20f02d55d19c26
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  4e846cce13981b1f641c1f7a531ab77b3e766c40bef4a3e7b61ad317a57ac397
- Size
  
  600KB
- MD5
  
  5b2702749a8c1bc203a90300a219e130
- SHA1
  
  00f1c95d22795503769d918d65f8ef51f987be0e
- SHA256
  
  4e846cce13981b1f641c1f7a531ab77b3e766c40bef4a3e7b61ad317a57ac397
- SHA512
  
  08f9e09d6ec9640b13c5800293cd9a996c8826af5234b18006e2ad1a137588ffba3c8eaf0348161a887efb767f6742b62e05df44b19880526c20f02d55d19c26
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2