cf2e84895d6705240ae38fa52347a4609d30497b9618e1edc6df59a1f6950a97 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf2e84895d6705240ae38fa52347a4609d30497b9618e1edc6df59a1f6950a97
Size

527KB
Sample

220919-gysvvsffdn
MD5

e7b0d55c0401910e10542b8c55eb3085
SHA1

c9de192e924daf0fa5369bcd3c6d401374a4e019
SHA256

cf2e84895d6705240ae38fa52347a4609d30497b9618e1edc6df59a1f6950a97
SHA512

35004177fbdc6a3c02aa81c7bd861e1f0e834512e8cae038f0228a86eacd2e3bf35d409e6ec4f15e0642864035ddd5d2d42c5e1c23f0ce864cfdb1468ccea470
SSDEEP

12288:P6PiijUm/R+3xGW+VvHgkXsXmKvE/NymavE3:SKQExGX4IemKM/VavY

Score

7^/10

Malware Config

Targets

- Target
  
  cf2e84895d6705240ae38fa52347a4609d30497b9618e1edc6df59a1f6950a97
- Size
  
  527KB
- MD5
  
  e7b0d55c0401910e10542b8c55eb3085
- SHA1
  
  c9de192e924daf0fa5369bcd3c6d401374a4e019
- SHA256
  
  cf2e84895d6705240ae38fa52347a4609d30497b9618e1edc6df59a1f6950a97
- SHA512
  
  35004177fbdc6a3c02aa81c7bd861e1f0e834512e8cae038f0228a86eacd2e3bf35d409e6ec4f15e0642864035ddd5d2d42c5e1c23f0ce864cfdb1468ccea470
- SSDEEP
  
  12288:P6PiijUm/R+3xGW+VvHgkXsXmKvE/NymavE3:SKQExGX4IemKM/VavY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2