44e842593966cbe8f9c0d4a2c34aa0e5ef6eb5c479a24108fed9a307c2a42475 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

047e586954b5babc563ad9d879b267db
Size

420KB
Sample

231224-tchh8aaae2
MD5

047e586954b5babc563ad9d879b267db
SHA1

892d6935dcf947bb8dbfffa35f649d1d921906de
SHA256

44e842593966cbe8f9c0d4a2c34aa0e5ef6eb5c479a24108fed9a307c2a42475
SHA512

b047d93610a2e2702f4a4cb7142230d649105111c95eb65e08024de067dda64e61dface71be67941c3d205db5322300e2901e8876c45d8de41778ab81981e327
SSDEEP

6144:qTfFDbRnOTrigJJQk0Lr2V6c19dM+1oOq1tN6MSA3cBQJPFVGMEQICkvLbx4L8I8:45OMk5HdQS9Q0SSvRW1tsb/4G

Score

7^/10

Malware Config

Targets

- Target
  
  047e586954b5babc563ad9d879b267db
- Size
  
  420KB
- MD5
  
  047e586954b5babc563ad9d879b267db
- SHA1
  
  892d6935dcf947bb8dbfffa35f649d1d921906de
- SHA256
  
  44e842593966cbe8f9c0d4a2c34aa0e5ef6eb5c479a24108fed9a307c2a42475
- SHA512
  
  b047d93610a2e2702f4a4cb7142230d649105111c95eb65e08024de067dda64e61dface71be67941c3d205db5322300e2901e8876c45d8de41778ab81981e327
- SSDEEP
  
  6144:qTfFDbRnOTrigJJQk0Lr2V6c19dM+1oOq1tN6MSA3cBQJPFVGMEQICkvLbx4L8I8:45OMk5HdQS9Q0SSvRW1tsb/4G
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2