6d50269549bc0220e85ff4f259f2de17cea95647c0f30c02b270ecd2b15e8d50 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d50269549bc0220e85ff4f259f2de17cea95647c0f30c02b270ecd2b15e8d50
Size

1.1MB
Sample

240913-1wfmas1dnn
MD5

a4856963c51f1aa2af7e58234821e914
SHA1

568d09942f892ddf7fd1436ea0897311c66f63fb
SHA256

6d50269549bc0220e85ff4f259f2de17cea95647c0f30c02b270ecd2b15e8d50
SHA512

5bc6bd4a235d8a2b4511a2463ff4d597a99a125e8fa1a08e59042831ec04c7b4fe435c7ba30f0d584293e6f1660546e1d1fd6f985e334b6d078d9730d37bb2af
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QJ:acallSllG4ZM7QzMq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6d50269549bc0220e85ff4f259f2de17cea95647c0f30c02b270ecd2b15e8d50
- Size
  
  1.1MB
- MD5
  
  a4856963c51f1aa2af7e58234821e914
- SHA1
  
  568d09942f892ddf7fd1436ea0897311c66f63fb
- SHA256
  
  6d50269549bc0220e85ff4f259f2de17cea95647c0f30c02b270ecd2b15e8d50
- SHA512
  
  5bc6bd4a235d8a2b4511a2463ff4d597a99a125e8fa1a08e59042831ec04c7b4fe435c7ba30f0d584293e6f1660546e1d1fd6f985e334b6d078d9730d37bb2af
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QJ:acallSllG4ZM7QzMq
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2