f560c3986f4f5493e0d6c1f8a8c90ed116f0a3f5ac3ff9ca4b0df87eac2aee6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f560c3986f4f5493e0d6c1f8a8c90ed116f0a3f5ac3ff9ca4b0df87eac2aee6a
Size

1.1MB
Sample

240529-c9mqrsfe2s
MD5

50713e49f54f8363862a5be7515f55f7
SHA1

e672f5c7258b9e2c474d457801d588dff235c066
SHA256

f560c3986f4f5493e0d6c1f8a8c90ed116f0a3f5ac3ff9ca4b0df87eac2aee6a
SHA512

368ac18c015f962e185bb2304d1cb10a3f3c7ad9764c7859835358eaacc3a31911c0144760232ed1d4c80ce05ed42f427b0530f50b49c68bbbd21b22bc6a060e
SSDEEP

24576:aH0pl8myX9BgT2QoXFkrzkmmlSgRZko0lG4Z8r7Qfbkiu5Q+:alaClSXlG4ZM7QzMR

Score

7^/10

Malware Config

Targets

- Target
  
  f560c3986f4f5493e0d6c1f8a8c90ed116f0a3f5ac3ff9ca4b0df87eac2aee6a
- Size
  
  1.1MB
- MD5
  
  50713e49f54f8363862a5be7515f55f7
- SHA1
  
  e672f5c7258b9e2c474d457801d588dff235c066
- SHA256
  
  f560c3986f4f5493e0d6c1f8a8c90ed116f0a3f5ac3ff9ca4b0df87eac2aee6a
- SHA512
  
  368ac18c015f962e185bb2304d1cb10a3f3c7ad9764c7859835358eaacc3a31911c0144760232ed1d4c80ce05ed42f427b0530f50b49c68bbbd21b22bc6a060e
- SSDEEP
  
  24576:aH0pl8myX9BgT2QoXFkrzkmmlSgRZko0lG4Z8r7Qfbkiu5Q+:alaClSXlG4ZM7QzMR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2