c6041a556adcd2512f5ba110a2f2702d1b77226d1864e7606df99de9829f3441 | Triage

Sharing

General

Target

c6041a556adcd2512f5ba110a2f2702d1b77226d1864e7606df99de9829f3441
Size

172KB
Sample

221203-qr4hfsdh44
MD5

6154c7ea76642820f2db3a86491405e7
SHA1

421be380ab18041f2573db9f5cae7c77127d923d
SHA256

c6041a556adcd2512f5ba110a2f2702d1b77226d1864e7606df99de9829f3441
SHA512

23b75e5b04a810f00dc5126f0f69372469f9ae1beb80f578789cc3aab55581f3af97203299e95042cf36e694ef68231f592d37fa133a39ac08f27a16ff065820
SSDEEP

3072:7N0GPaXTWQmnfizgd3AWO0/5OXb6e4kRoRicExK6zzama+9eQrso:yrC8P4Tf2zzRaee

Score

8^/10

Malware Config

Targets

- Target
  
  c6041a556adcd2512f5ba110a2f2702d1b77226d1864e7606df99de9829f3441
- Size
  
  172KB
- MD5
  
  6154c7ea76642820f2db3a86491405e7
- SHA1
  
  421be380ab18041f2573db9f5cae7c77127d923d
- SHA256
  
  c6041a556adcd2512f5ba110a2f2702d1b77226d1864e7606df99de9829f3441
- SHA512
  
  23b75e5b04a810f00dc5126f0f69372469f9ae1beb80f578789cc3aab55581f3af97203299e95042cf36e694ef68231f592d37fa133a39ac08f27a16ff065820
- SSDEEP
  
  3072:7N0GPaXTWQmnfizgd3AWO0/5OXb6e4kRoRicExK6zzama+9eQrso:yrC8P4Tf2zzRaee
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2