4ca2e5ac290a15f41d2c209ef66dd98ef3f3574c089619be24bd0580630a3848 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ca2e5ac290a15f41d2c209ef66dd98ef3f3574c089619be24bd0580630a3848
Size

48KB
Sample

240530-1f6hsabe79
MD5

3f7eeccba3951724ee96874a26309db1
SHA1

d23f3482a0dc52e5685e2c4e25aba9e8b0abd61b
SHA256

4ca2e5ac290a15f41d2c209ef66dd98ef3f3574c089619be24bd0580630a3848
SHA512

2d05bd4154b3edb328235a6d412508df0f4235127d110c8870732655eb9622b9d7a004ba9e279ff387149e2b69c7661b7b6d78dd267692037392225ecb9860d0
SSDEEP

768:MApQr0DWvdFJI34HGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzEnoB:MAaJJlTsh7pWezEPJQ

Score

7^/10

Malware Config

Targets

- Target
  
  4ca2e5ac290a15f41d2c209ef66dd98ef3f3574c089619be24bd0580630a3848
- Size
  
  48KB
- MD5
  
  3f7eeccba3951724ee96874a26309db1
- SHA1
  
  d23f3482a0dc52e5685e2c4e25aba9e8b0abd61b
- SHA256
  
  4ca2e5ac290a15f41d2c209ef66dd98ef3f3574c089619be24bd0580630a3848
- SHA512
  
  2d05bd4154b3edb328235a6d412508df0f4235127d110c8870732655eb9622b9d7a004ba9e279ff387149e2b69c7661b7b6d78dd267692037392225ecb9860d0
- SSDEEP
  
  768:MApQr0DWvdFJI34HGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzEnoB:MAaJJlTsh7pWezEPJQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2