3ef36ff76ed224f2481aa3e4cfa794ad3ae3b2a92780b4429eb95bfa41c9d4a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ef36ff76ed224f2481aa3e4cfa794ad3ae3b2a92780b4429eb95bfa41c9d4a4
Size

20KB
Sample

221002-at4cgafaen
MD5

71252da7034e7e258d06d91cfd5e77d0
SHA1

d45c8d04beb6d26406fa5a5c0ed3e31ecc9906f6
SHA256

3ef36ff76ed224f2481aa3e4cfa794ad3ae3b2a92780b4429eb95bfa41c9d4a4
SHA512

44d59989157d177246c05ad63c30644b4b82bc0e4320e21108ad197faf59b31f0af2cb41a37f21c48096c903e7df1a03f0b1b6be77638bfdf710122a32620206
SSDEEP

384:KOdiKcfZsDiM3PfsBhnRGjLbjnsJzLq1OFU61:KOdvcf41ETfq11s

Score

7^/10

Malware Config

Targets

- Target
  
  3ef36ff76ed224f2481aa3e4cfa794ad3ae3b2a92780b4429eb95bfa41c9d4a4
- Size
  
  20KB
- MD5
  
  71252da7034e7e258d06d91cfd5e77d0
- SHA1
  
  d45c8d04beb6d26406fa5a5c0ed3e31ecc9906f6
- SHA256
  
  3ef36ff76ed224f2481aa3e4cfa794ad3ae3b2a92780b4429eb95bfa41c9d4a4
- SHA512
  
  44d59989157d177246c05ad63c30644b4b82bc0e4320e21108ad197faf59b31f0af2cb41a37f21c48096c903e7df1a03f0b1b6be77638bfdf710122a32620206
- SSDEEP
  
  384:KOdiKcfZsDiM3PfsBhnRGjLbjnsJzLq1OFU61:KOdvcf41ETfq11s
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2