4d9b176b2ffc7f8e53fc592517cb84da8da6d122d8c1e0fac1c7eb4bce39e9bf | Triage

Sharing

General

Target

4d9b176b2ffc7f8e53fc592517cb84da8da6d122d8c1e0fac1c7eb4bce39e9bf
Size

1.6MB
Sample

240426-fx2kyaac71
MD5

7d0e2b46361001d7ae70743c786387d2
SHA1

8e1445c713fd428030136a950f35a1590e12baa0
SHA256

4d9b176b2ffc7f8e53fc592517cb84da8da6d122d8c1e0fac1c7eb4bce39e9bf
SHA512

e87da458fd7e60212d42d50046dba97405e56e01c6eacac5321ed87ee9bcdd58c2e492fa0bd86b3ef08291973731371031fce5ec1f63404d04a76923d88f8847
SSDEEP

49152:j5219/B28j5219/BUtTziWgc01sOvrMlg:jG952YG95UtTGWE1sGgg

Score

8^/10

Malware Config

Targets

- Target
  
  4d9b176b2ffc7f8e53fc592517cb84da8da6d122d8c1e0fac1c7eb4bce39e9bf
- Size
  
  1.6MB
- MD5
  
  7d0e2b46361001d7ae70743c786387d2
- SHA1
  
  8e1445c713fd428030136a950f35a1590e12baa0
- SHA256
  
  4d9b176b2ffc7f8e53fc592517cb84da8da6d122d8c1e0fac1c7eb4bce39e9bf
- SHA512
  
  e87da458fd7e60212d42d50046dba97405e56e01c6eacac5321ed87ee9bcdd58c2e492fa0bd86b3ef08291973731371031fce5ec1f63404d04a76923d88f8847
- SSDEEP
  
  49152:j5219/B28j5219/BUtTziWgc01sOvrMlg:jG952YG95UtTGWE1sGgg
Score

8^/10
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2