f4ddaa8d6f661c012a62ed64e9fe4b8e852983ab70a91a88b8bf66f48849c9df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f4ddaa8d6f661c012a62ed64e9fe4b8e852983ab70a91a88b8bf66f48849c9df
Size

6.0MB
Sample

230412-y63tgaeh66
MD5

42cd457b82877e20878e733a9d49f437
SHA1

eb2e55649896307b3cb93637c653f4b2090f759a
SHA256

f4ddaa8d6f661c012a62ed64e9fe4b8e852983ab70a91a88b8bf66f48849c9df
SHA512

dd1a2a6ce4a5ec5778a831b6c47aa253c8ef9393eb91d07d1646588842a798162894bb9da973ceb17c402646ab507f5576ef18bfd79ac544d3ecd9fdc042fc64
SSDEEP

98304:jt2OEugj2k/VZBQh7hbD4kw9V9s8MZlQ7A8OvE+bA1fjtTtu3FL5dYdTiWGELyW4:h2OE1yh7Je9VrYlUA8OvE+boBkHCmALI

Score

7^/10

Malware Config

Targets

- Target
  
  f4ddaa8d6f661c012a62ed64e9fe4b8e852983ab70a91a88b8bf66f48849c9df
- Size
  
  6.0MB
- MD5
  
  42cd457b82877e20878e733a9d49f437
- SHA1
  
  eb2e55649896307b3cb93637c653f4b2090f759a
- SHA256
  
  f4ddaa8d6f661c012a62ed64e9fe4b8e852983ab70a91a88b8bf66f48849c9df
- SHA512
  
  dd1a2a6ce4a5ec5778a831b6c47aa253c8ef9393eb91d07d1646588842a798162894bb9da973ceb17c402646ab507f5576ef18bfd79ac544d3ecd9fdc042fc64
- SSDEEP
  
  98304:jt2OEugj2k/VZBQh7hbD4kw9V9s8MZlQ7A8OvE+bA1fjtTtu3FL5dYdTiWGELyW4:h2OE1yh7Je9VrYlUA8OvE+boBkHCmALI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2