46dbd4a9197ac5420c0027f1e7fe8bd7521b44c0fc59973ac50a36506be76b59 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46dbd4a9197ac5420c0027f1e7fe8bd7521b44c0fc59973ac50a36506be76b59
Size

207KB
Sample

230607-qhhvdsah76
MD5

9778040af71142084f41eb26dc5a2a54
SHA1

0a43a1d8870262ceecb6a0d1345103d41ffa7a9d
SHA256

46dbd4a9197ac5420c0027f1e7fe8bd7521b44c0fc59973ac50a36506be76b59
SHA512

42fc85f368772faa4cc52bd2fbfa3a4bbafe8424a384a5bd65c97aea06181845aca3d572d0e2212e741dd3398a04e13d543d59d1f9734c4bc4e35534981b8c9a
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  46dbd4a9197ac5420c0027f1e7fe8bd7521b44c0fc59973ac50a36506be76b59
- Size
  
  207KB
- MD5
  
  9778040af71142084f41eb26dc5a2a54
- SHA1
  
  0a43a1d8870262ceecb6a0d1345103d41ffa7a9d
- SHA256
  
  46dbd4a9197ac5420c0027f1e7fe8bd7521b44c0fc59973ac50a36506be76b59
- SHA512
  
  42fc85f368772faa4cc52bd2fbfa3a4bbafe8424a384a5bd65c97aea06181845aca3d572d0e2212e741dd3398a04e13d543d59d1f9734c4bc4e35534981b8c9a
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1