e4b06fd491b6d2834fb8e3a1e06ddbd4c21d8cf946a25bf507c132feb5b95826 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e4b06fd491b6d2834fb8e3a1e06ddbd4c21d8cf946a25bf507c132feb5b95826
Size

262KB
Sample

221129-t98fxaaf7s
MD5

0e56a76b8f09c070709cca2805e61b35
SHA1

f0652718278fde6f4d1a57c0a9afd3a804c28448
SHA256

e4b06fd491b6d2834fb8e3a1e06ddbd4c21d8cf946a25bf507c132feb5b95826
SHA512

54240618481071f9be283e026301be9c9ef6290a3ddcd03a97d5a3270f8a6a6698b9fcfe0c07f2c7ba9d860cb5d521202fba29b5be13305cd5ab76f129f548b7
SSDEEP

6144:3F8kYTBvvuWBYmumH5HK+RwHpVn/DbY9na7O8LbZSCjAx:3F8ZThvuWB9H5HnEpVn7bY9a7O8vZSCy

Score

8^/10

Malware Config

Targets

- Target
  
  e4b06fd491b6d2834fb8e3a1e06ddbd4c21d8cf946a25bf507c132feb5b95826
- Size
  
  262KB
- MD5
  
  0e56a76b8f09c070709cca2805e61b35
- SHA1
  
  f0652718278fde6f4d1a57c0a9afd3a804c28448
- SHA256
  
  e4b06fd491b6d2834fb8e3a1e06ddbd4c21d8cf946a25bf507c132feb5b95826
- SHA512
  
  54240618481071f9be283e026301be9c9ef6290a3ddcd03a97d5a3270f8a6a6698b9fcfe0c07f2c7ba9d860cb5d521202fba29b5be13305cd5ab76f129f548b7
- SSDEEP
  
  6144:3F8kYTBvvuWBYmumH5HK+RwHpVn/DbY9na7O8LbZSCjAx:3F8ZThvuWB9H5HnEpVn7bY9a7O8vZSCy
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2