499cd2617fef2e72476ace0e5733168dedf22970e3d7cfd489ba3746fec25643 | Triage

Sharing

General

Target

499cd2617fef2e72476ace0e5733168dedf22970e3d7cfd489ba3746fec25643
Size

6.8MB
Sample

240418-1b6mzsge3t
MD5

6b68a3ecf391a162b17cbd470c1fe2a6
SHA1

a9e4690c01f8aca9408b7d260207340f93bd085c
SHA256

499cd2617fef2e72476ace0e5733168dedf22970e3d7cfd489ba3746fec25643
SHA512

0ed7bbbc9a735cf2b48fb714cabf7dbb7fe643afac8841d24e32eb0f630db5758ada9447921ec9d80cbe4b0d2ebd5b490c1fa936c17c58c8d85a54791e6d4bff
SSDEEP

98304:cAc0gJCw2IbHEEpdSWiLKeNkBhjvJCpy/2qW2LjDfKMic8qMKtyp8QNO0:wlJCdokEpdSHLKa0WazKLxvJ

Score

7^/10

Malware Config

Targets

- Target
  
  499cd2617fef2e72476ace0e5733168dedf22970e3d7cfd489ba3746fec25643
- Size
  
  6.8MB
- MD5
  
  6b68a3ecf391a162b17cbd470c1fe2a6
- SHA1
  
  a9e4690c01f8aca9408b7d260207340f93bd085c
- SHA256
  
  499cd2617fef2e72476ace0e5733168dedf22970e3d7cfd489ba3746fec25643
- SHA512
  
  0ed7bbbc9a735cf2b48fb714cabf7dbb7fe643afac8841d24e32eb0f630db5758ada9447921ec9d80cbe4b0d2ebd5b490c1fa936c17c58c8d85a54791e6d4bff
- SSDEEP
  
  98304:cAc0gJCw2IbHEEpdSWiLKeNkBhjvJCpy/2qW2LjDfKMic8qMKtyp8QNO0:wlJCdokEpdSHLKa0WazKLxvJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2