4d88b5454500052184a6989b433753def2c0b472e1ccc16694c0c7d596cb62a2 | Triage

Sharing

General

Target

4d88b5454500052184a6989b433753def2c0b472e1ccc16694c0c7d596cb62a2
Size

207KB
Sample

230608-gnce5add3v
MD5

e3f57895fe1df3a8c97f96824d3a75e3
SHA1

7841beffbf9c23d2685d2af820c1c1d0b8a6be69
SHA256

4d88b5454500052184a6989b433753def2c0b472e1ccc16694c0c7d596cb62a2
SHA512

ea52653c36f0aa8f342ec77e91375afffaaf1e8613e8f02cb7309007c7589dc9887eea83e148173f1e1dc19d7a18667199160e57a7ca6da48644c760a05d98d3
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  4d88b5454500052184a6989b433753def2c0b472e1ccc16694c0c7d596cb62a2
- Size
  
  207KB
- MD5
  
  e3f57895fe1df3a8c97f96824d3a75e3
- SHA1
  
  7841beffbf9c23d2685d2af820c1c1d0b8a6be69
- SHA256
  
  4d88b5454500052184a6989b433753def2c0b472e1ccc16694c0c7d596cb62a2
- SHA512
  
  ea52653c36f0aa8f342ec77e91375afffaaf1e8613e8f02cb7309007c7589dc9887eea83e148173f1e1dc19d7a18667199160e57a7ca6da48644c760a05d98d3
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1