40638a578a61d7d879baba9d2c4ae85d1c6dbe741d38d1feccd728505ad6c5e8 | Triage

Sharing

General

Target

40638a578a61d7d879baba9d2c4ae85d1c6dbe741d38d1feccd728505ad6c5e8
Size

706KB
Sample

221202-3zgpwaba4w
MD5

cb039f48a0eec682b9a1f67981233980
SHA1

f338e572a5e959520e248852c18f517e93f0b784
SHA256

40638a578a61d7d879baba9d2c4ae85d1c6dbe741d38d1feccd728505ad6c5e8
SHA512

7e62918e00791749da36ac59f32e6ae39303426d3a87c1b38e953254ffeabb61400ec122465b845a2c7acf35b181a6dc83a44c36bfc2e871c7c90d91977a9241
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  40638a578a61d7d879baba9d2c4ae85d1c6dbe741d38d1feccd728505ad6c5e8
- Size
  
  706KB
- MD5
  
  cb039f48a0eec682b9a1f67981233980
- SHA1
  
  f338e572a5e959520e248852c18f517e93f0b784
- SHA256
  
  40638a578a61d7d879baba9d2c4ae85d1c6dbe741d38d1feccd728505ad6c5e8
- SHA512
  
  7e62918e00791749da36ac59f32e6ae39303426d3a87c1b38e953254ffeabb61400ec122465b845a2c7acf35b181a6dc83a44c36bfc2e871c7c90d91977a9241
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2