4b1d45ca937326cf2a5df042d80056d1188e1063f18b06a627eccb81ee387baf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b1d45ca937326cf2a5df042d80056d1188e1063f18b06a627eccb81ee387baf
Size

280KB
Sample

240528-z1zejace3t
MD5

a0934dec48467d574a0305c2fd90faf1
SHA1

9528a35509c43f9feae2df884d35373621afb811
SHA256

4b1d45ca937326cf2a5df042d80056d1188e1063f18b06a627eccb81ee387baf
SHA512

b8bf95008c79962b740b52bc64774ac335ede2826c24d022e8699b26f904e33577bb4f41e16e0e0b4bb5b96ef4c4e3fe47f92dde1f4324b9910aeae3b2d9674a
SSDEEP

6144:GQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:GQMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  4b1d45ca937326cf2a5df042d80056d1188e1063f18b06a627eccb81ee387baf
- Size
  
  280KB
- MD5
  
  a0934dec48467d574a0305c2fd90faf1
- SHA1
  
  9528a35509c43f9feae2df884d35373621afb811
- SHA256
  
  4b1d45ca937326cf2a5df042d80056d1188e1063f18b06a627eccb81ee387baf
- SHA512
  
  b8bf95008c79962b740b52bc64774ac335ede2826c24d022e8699b26f904e33577bb4f41e16e0e0b4bb5b96ef4c4e3fe47f92dde1f4324b9910aeae3b2d9674a
- SSDEEP
  
  6144:GQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:GQMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2