4bd3d47931c28abb0317df9cc520821d1490872908da29f323f6a8743bc29749 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bd3d47931c28abb0317df9cc520821d1490872908da29f323f6a8743bc29749N
Size

165KB
Sample

241010-dyg7kswfrh
MD5

1e145080c1f4e959e9c6dc57956268b0
SHA1

115d78f20ebd0495e4e35226fd16b40bf6a89717
SHA256

4bd3d47931c28abb0317df9cc520821d1490872908da29f323f6a8743bc29749
SHA512

44c5c76f2f99259515ceeaf435e589d47fe95083a372e0c6d6dc23281b12751670b5ab56a4acbd31d5f29d0ad572be94e3a612f4aa00310b3166773570cd8388
SSDEEP

3072:c4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4B:ziI/PlY37ZLF4Ca6WABqBOvs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4bd3d47931c28abb0317df9cc520821d1490872908da29f323f6a8743bc29749N
- Size
  
  165KB
- MD5
  
  1e145080c1f4e959e9c6dc57956268b0
- SHA1
  
  115d78f20ebd0495e4e35226fd16b40bf6a89717
- SHA256
  
  4bd3d47931c28abb0317df9cc520821d1490872908da29f323f6a8743bc29749
- SHA512
  
  44c5c76f2f99259515ceeaf435e589d47fe95083a372e0c6d6dc23281b12751670b5ab56a4acbd31d5f29d0ad572be94e3a612f4aa00310b3166773570cd8388
- SSDEEP
  
  3072:c4HCWau/PlYeuL7ZLFh6Ca6cbL9l2hzB3fJCC6j8+Er6ez4B:ziI/PlY37ZLF4Ca6WABqBOvs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2