4ffa28145ed0efb0ee2f6c589c07e5d5a8215bec17394f6e6e5f96ecbbbf0ff2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ffa28145ed0efb0ee2f6c589c07e5d5a8215bec17394f6e6e5f96ecbbbf0ff2
Size

4.3MB
Sample

240515-13qe3see7w
MD5

6c4ae065be3539a3bed94c3a33f0d2b1
SHA1

bc2d790721a4e43015017145578dbdc683808038
SHA256

4ffa28145ed0efb0ee2f6c589c07e5d5a8215bec17394f6e6e5f96ecbbbf0ff2
SHA512

5483e6c7ce0e604aa26230f38ff8cd405de6e96fbece2b4563250074da1b3a9efb16f3a29c087980b1f92f2a2cbf6f6bd1d004984c25fccc65cca5582be1854e
SSDEEP

98304:VX4R5F8Xgrv33105R4iduzNRdauPEzBX2DTs1jmhoQysMaL61pnW4iQv2Kfq1m:dKK00j8RdzPEzBXB1jsoQGm67jxffq1m

Score

7^/10

Malware Config

Targets

- Target
  
  4ffa28145ed0efb0ee2f6c589c07e5d5a8215bec17394f6e6e5f96ecbbbf0ff2
- Size
  
  4.3MB
- MD5
  
  6c4ae065be3539a3bed94c3a33f0d2b1
- SHA1
  
  bc2d790721a4e43015017145578dbdc683808038
- SHA256
  
  4ffa28145ed0efb0ee2f6c589c07e5d5a8215bec17394f6e6e5f96ecbbbf0ff2
- SHA512
  
  5483e6c7ce0e604aa26230f38ff8cd405de6e96fbece2b4563250074da1b3a9efb16f3a29c087980b1f92f2a2cbf6f6bd1d004984c25fccc65cca5582be1854e
- SSDEEP
  
  98304:VX4R5F8Xgrv33105R4iduzNRdauPEzBX2DTs1jmhoQysMaL61pnW4iQv2Kfq1m:dKK00j8RdzPEzBXB1jsoQGm67jxffq1m
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2