414d0e64b75525976a6d77754e4e05ba1b7ee3ba3a4a3a6ecd88c123f6bb0c26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

414d0e64b75525976a6d77754e4e05ba1b7ee3ba3a4a3a6ecd88c123f6bb0c26
Size

399KB
Sample

221127-2dzg5adc95
MD5

62272ba5c210ab3c8711d9af57703b4b
SHA1

63151351ef4cd0be951d8488a97158109cc69e72
SHA256

414d0e64b75525976a6d77754e4e05ba1b7ee3ba3a4a3a6ecd88c123f6bb0c26
SHA512

58b4728587fd49b6be57853c4cc66895017c766787b4fc64719b9243371fafa7fe74ce30e47affe6619a9364668e5cea6b593073a7d695c6db562829aff55a1d
SSDEEP

6144:2w393dtLEzq58BcFN6Q8AnVcbvcrRJdZ32sYz7ilZQljQhmVVdnc8sXD/Bc:2w35dS4X8AnVcqPZ32rOZMVVhc8sXDJc

Score

8^/10

Malware Config

Targets

- Target
  
  414d0e64b75525976a6d77754e4e05ba1b7ee3ba3a4a3a6ecd88c123f6bb0c26
- Size
  
  399KB
- MD5
  
  62272ba5c210ab3c8711d9af57703b4b
- SHA1
  
  63151351ef4cd0be951d8488a97158109cc69e72
- SHA256
  
  414d0e64b75525976a6d77754e4e05ba1b7ee3ba3a4a3a6ecd88c123f6bb0c26
- SHA512
  
  58b4728587fd49b6be57853c4cc66895017c766787b4fc64719b9243371fafa7fe74ce30e47affe6619a9364668e5cea6b593073a7d695c6db562829aff55a1d
- SSDEEP
  
  6144:2w393dtLEzq58BcFN6Q8AnVcbvcrRJdZ32sYz7ilZQljQhmVVdnc8sXD/Bc:2w35dS4X8AnVcqPZ32rOZMVVhc8sXDJc
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2