tmp

General
Target

tmp

Size

3MB

Sample

220514-r86vkscgaj

Score

8/10

MD5

af472706053409a5478d0fe3a71c601b

SHA1

b4226313a464857f5a5ee2bc7ba976c23ee44729

SHA256

f7e9080ca25ee0e68a9f7b1557dd8e5ebed57777c83186742ab3489706c30b21

SHA512

5a23bd12d8eefdf06203c9d7fce9efa95092159f084cae79d27811699c21067783d7afe5350cbf2a26e0852d8bb009b5656b5e672a40b6bbe872b6d5283eb1ed

Malware Config
Targets

Signatures

  • Executes dropped EXE

  • Checks computer location settings

    Description

    Looks up country code configured in the registry, likely geofence.

    TTPs

    Query Registry, System Information Discovery

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix

Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

behavioral1

8/10

behavioral2

8/10