General

  • Target

    2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb

  • Size

    84KB

  • Sample

    220621-ysybtseef2

  • MD5

    89b7defee5ecdd6bb698973fefcb81d1

  • SHA1

    f7a83e609292ee91ece8b6e841648b7f867d6b3f

  • SHA256

    2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb

  • SHA512

    dd3e4e7e9378958315bfc50fa7fb83c284982615a1d31d1964661dc033a19abd618dd0cb11439b76b1f683d60757dbf969f2a1a4673718e818fda1d47691d466

Score
10/10

Targets

    • Target

      2f8a6a2f328a3656bdb902d937fe79a16c6d9f968465aa43d3adc23fcbba35eb

    Score
    8/10
    • Executes dropped EXE

    • Sets DLL path for service in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Creates a Windows Service

    • Drops file in System32 directory
