c4ec98e90398120d7dc00aa71d46965d2196af0fba6f9b14b06c45e6a0572849 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4ec98e90398120d7dc00aa71d46965d2196af0fba6f9b14b06c45e6a0572849
Size

68KB
Sample

221203-qv8ataeb89
MD5

e917e3481009beff7fdc16e16af2680e
SHA1

c8693f0dff1d445c9bb931fda716fe87fccb07c3
SHA256

c4ec98e90398120d7dc00aa71d46965d2196af0fba6f9b14b06c45e6a0572849
SHA512

b1e01b553fc4a765c46aa36a91bc7287586a1da2e0360e07317f734cddc437c8e35656e4cabfbec89cc557955b0b0e81ca49f16450d5dafea27e6016c796817c
SSDEEP

1536:DEywpJjA2X6RYKJFiooYgugKHeQhngOkfCyZvEkEJCea:oywpphKbiooYguHHeoh+CyFErgl

Score

8^/10

Malware Config

Targets

- Target
  
  c4ec98e90398120d7dc00aa71d46965d2196af0fba6f9b14b06c45e6a0572849
- Size
  
  68KB
- MD5
  
  e917e3481009beff7fdc16e16af2680e
- SHA1
  
  c8693f0dff1d445c9bb931fda716fe87fccb07c3
- SHA256
  
  c4ec98e90398120d7dc00aa71d46965d2196af0fba6f9b14b06c45e6a0572849
- SHA512
  
  b1e01b553fc4a765c46aa36a91bc7287586a1da2e0360e07317f734cddc437c8e35656e4cabfbec89cc557955b0b0e81ca49f16450d5dafea27e6016c796817c
- SSDEEP
  
  1536:DEywpJjA2X6RYKJFiooYgugKHeQhngOkfCyZvEkEJCea:oywpphKbiooYguHHeoh+CyFErgl
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2