cff8240679fda8a70450fcf911e9fa1625f56a2784e71cdb3bfe64b8d3a10c51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cff8240679fda8a70450fcf911e9fa1625f56a2784e71cdb3bfe64b8d3a10c51
Size

40KB
Sample

220919-hrycfahbgk
MD5

444656a8293a50d964e3eecc3d952a96
SHA1

df4c98d6298dcc07f474e589a5261b774aa5b589
SHA256

cff8240679fda8a70450fcf911e9fa1625f56a2784e71cdb3bfe64b8d3a10c51
SHA512

ccf774aed10e785b26f415ef813234ad77d36e1fce6aad7f5f3ceba9436abf375bb62c3d57f657506a5c7ac3edcb852e3623fbecdbc4bff801ffaa83aecf515a
SSDEEP

768:hLFnz6CDBBpUSlxoxUkiLRl3R3WLOsyd:hL19DroORf0asyd

Score

8^/10

Malware Config

Targets

- Target
  
  cff8240679fda8a70450fcf911e9fa1625f56a2784e71cdb3bfe64b8d3a10c51
- Size
  
  40KB
- MD5
  
  444656a8293a50d964e3eecc3d952a96
- SHA1
  
  df4c98d6298dcc07f474e589a5261b774aa5b589
- SHA256
  
  cff8240679fda8a70450fcf911e9fa1625f56a2784e71cdb3bfe64b8d3a10c51
- SHA512
  
  ccf774aed10e785b26f415ef813234ad77d36e1fce6aad7f5f3ceba9436abf375bb62c3d57f657506a5c7ac3edcb852e3623fbecdbc4bff801ffaa83aecf515a
- SSDEEP
  
  768:hLFnz6CDBBpUSlxoxUkiLRl3R3WLOsyd:hL19DroORf0asyd
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2