4975825c15e5bef4f8528de7f316829e95d351b192b4b1fd44f26c1d1d73671e | Triage

Sharing

General

Target

4975825c15e5bef4f8528de7f316829e95d351b192b4b1fd44f26c1d1d73671e
Size

5.1MB
Sample

221219-ca5gjaea68
MD5

0194f6b3f7cbfe2efe611bdad56fbbb1
SHA1

fe33a5c2ea3a7093da4727229bd53a8f70ea83da
SHA256

4975825c15e5bef4f8528de7f316829e95d351b192b4b1fd44f26c1d1d73671e
SHA512

0cc651630ca3c8068b3b3b7b9561dbde60dfa51216751aa954e29fa27914e12e82b24845e5dbc9967648e6ab4059ea58cfa58ef6b7a1280b74ce8808244c1191
SSDEEP

98304:5WyfuvmOGUR9js3aZkWUY4WSb56uDZ5M8nJT5A3C+XmZwZgaSLRad6uxcAPRpw92:5jfuvmOGURCY66Ey8rjoowZgaSq6uGIL

Score

8^/10

Malware Config

Targets

- Target
  
  4975825c15e5bef4f8528de7f316829e95d351b192b4b1fd44f26c1d1d73671e
- Size
  
  5.1MB
- MD5
  
  0194f6b3f7cbfe2efe611bdad56fbbb1
- SHA1
  
  fe33a5c2ea3a7093da4727229bd53a8f70ea83da
- SHA256
  
  4975825c15e5bef4f8528de7f316829e95d351b192b4b1fd44f26c1d1d73671e
- SHA512
  
  0cc651630ca3c8068b3b3b7b9561dbde60dfa51216751aa954e29fa27914e12e82b24845e5dbc9967648e6ab4059ea58cfa58ef6b7a1280b74ce8808244c1191
- SSDEEP
  
  98304:5WyfuvmOGUR9js3aZkWUY4WSb56uDZ5M8nJT5A3C+XmZwZgaSLRad6uxcAPRpw92:5jfuvmOGURCY66Ey8rjoowZgaSq6uGIL
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3