4ac9ff2fbc14791f18ffcb4cd6320462682cd7110599b0ce4c0b1bb64be07e9b | Triage

Sharing

General

Target

4ac9ff2fbc14791f18ffcb4cd6320462682cd7110599b0ce4c0b1bb64be07e9b
Size

22.2MB
Sample

230212-qlft7seb87
MD5

af46abc16e4d65f45b51c01446398f65
SHA1

30046b5fa0eb272f569be8caeeaa1898ff647c21
SHA256

4ac9ff2fbc14791f18ffcb4cd6320462682cd7110599b0ce4c0b1bb64be07e9b
SHA512

234d8fdb798dc0352c9bd3ec410b92e619efffc087febdfad0e8722c9b22f7f1a517cd29f8f56c7bbb9f945082e8bfb9f7550c7f3a8eae05a5133108080240a5
SSDEEP

393216:NL5iM0DbzFHkEvvHAkXbliVn5ZXBW0DNT3qIDrUGCa0oCeX48dBALDxXYtA1Bfmd:uMgbzFHkEXgkLl25ZRW0DNT6IDrUGCal

Score

7^/10

Malware Config

Targets

- Target
  
  4ac9ff2fbc14791f18ffcb4cd6320462682cd7110599b0ce4c0b1bb64be07e9b
- Size
  
  22.2MB
- MD5
  
  af46abc16e4d65f45b51c01446398f65
- SHA1
  
  30046b5fa0eb272f569be8caeeaa1898ff647c21
- SHA256
  
  4ac9ff2fbc14791f18ffcb4cd6320462682cd7110599b0ce4c0b1bb64be07e9b
- SHA512
  
  234d8fdb798dc0352c9bd3ec410b92e619efffc087febdfad0e8722c9b22f7f1a517cd29f8f56c7bbb9f945082e8bfb9f7550c7f3a8eae05a5133108080240a5
- SSDEEP
  
  393216:NL5iM0DbzFHkEvvHAkXbliVn5ZXBW0DNT3qIDrUGCa0oCeX48dBALDxXYtA1Bfmd:uMgbzFHkEXgkLl25ZRW0DNT6IDrUGCal
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2