4afca4468f397028cc236e1f3470fd500f8d64371b1b9e4640fad75f7a49298f | Triage

Sharing

General

Target

4afca4468f397028cc236e1f3470fd500f8d64371b1b9e4640fad75f7a49298f
Size

3.2MB
Sample

221125-yar24add9z
MD5

44aa089be6cc11035c596d73a0e2429a
SHA1

eae2d930158682f775de100d637043bda10c7f89
SHA256

4afca4468f397028cc236e1f3470fd500f8d64371b1b9e4640fad75f7a49298f
SHA512

5d158501d36ca6f560ab20ca490e840d69ee4f799fac2f793cc16acc9468f2b9a3d75d7c4d56ac5414bb79ac6f4f4ddc2893c9875ef466f2178223e6e1c79b31
SSDEEP

98304:QbUDli9g525pBCU4AGtb2QSpBS/G53XhlP:mUDlb2ct6kc3X/

Score

8^/10

Malware Config

Targets

- Target
  
  4afca4468f397028cc236e1f3470fd500f8d64371b1b9e4640fad75f7a49298f
- Size
  
  3.2MB
- MD5
  
  44aa089be6cc11035c596d73a0e2429a
- SHA1
  
  eae2d930158682f775de100d637043bda10c7f89
- SHA256
  
  4afca4468f397028cc236e1f3470fd500f8d64371b1b9e4640fad75f7a49298f
- SHA512
  
  5d158501d36ca6f560ab20ca490e840d69ee4f799fac2f793cc16acc9468f2b9a3d75d7c4d56ac5414bb79ac6f4f4ddc2893c9875ef466f2178223e6e1c79b31
- SSDEEP
  
  98304:QbUDli9g525pBCU4AGtb2QSpBS/G53XhlP:mUDlb2ct6kc3X/
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2