79e41ff9b8d7130c0c3fe5454ac96be4b18e25150419ac3eb943d052c850f92c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79e41ff9b8d7130c0c3fe5454ac96be4b18e25150419ac3eb943d052c850f92c
Size

31KB
Sample

220919-ppntjscfgl
MD5

5634c26547f99381e5c869ca8eeb2a6d
SHA1

8f845c886e2ac2d832bbec8ca8dd2b7c0fa63215
SHA256

79e41ff9b8d7130c0c3fe5454ac96be4b18e25150419ac3eb943d052c850f92c
SHA512

2b61b1decb1026d92d16a3710222074fddb703570b2a32b3f20585c70104adfb5846f39cfc0470e686d09c5ab10b1cf653a849c094e6bf7022b1b277388808b1
SSDEEP

384:4FZeGeDcU/LexZBAspsIoLCVRlNewBytgzZ9n0YmbsR3DC5qeidoDyomqto7I6ut:4F/BmGZBQWlBC6GAVDC5cdoDyYtYuVS

Score

7^/10

Malware Config

Targets

- Target
  
  79e41ff9b8d7130c0c3fe5454ac96be4b18e25150419ac3eb943d052c850f92c
- Size
  
  31KB
- MD5
  
  5634c26547f99381e5c869ca8eeb2a6d
- SHA1
  
  8f845c886e2ac2d832bbec8ca8dd2b7c0fa63215
- SHA256
  
  79e41ff9b8d7130c0c3fe5454ac96be4b18e25150419ac3eb943d052c850f92c
- SHA512
  
  2b61b1decb1026d92d16a3710222074fddb703570b2a32b3f20585c70104adfb5846f39cfc0470e686d09c5ab10b1cf653a849c094e6bf7022b1b277388808b1
- SSDEEP
  
  384:4FZeGeDcU/LexZBAspsIoLCVRlNewBytgzZ9n0YmbsR3DC5qeidoDyomqto7I6ut:4F/BmGZBQWlBC6GAVDC5cdoDyYtYuVS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2