aaffb6b1d0ef646e1aa2e9af0e2bfee8e69414723b86410ae7a4b43227e6847d | Triage

Sharing

General

Target

aaffb6b1d0ef646e1aa2e9af0e2bfee8e69414723b86410ae7a4b43227e6847d
Size

96KB
Sample

221002-je77jsfcfp
MD5

70ac06f2a27f225b0a2a208a7958be20
SHA1

ad69805512e2a4d06ed21a5a4a1e5c0bb89ed32b
SHA256

aaffb6b1d0ef646e1aa2e9af0e2bfee8e69414723b86410ae7a4b43227e6847d
SHA512

b1513761a059f9ec3123061cd8adce3cdcbb422fa500c06a2dec866b160d2e39db79037acc8473b96b36650f3e2e4db1651a0cdff307157f33463ac584c59119
SSDEEP

1536:10rCEP0GjCxXWDuQ4XRrzIqOR7nGwCez1m:SLCxM4VIVtCg

Score

7^/10

Malware Config

Targets

- Target
  
  aaffb6b1d0ef646e1aa2e9af0e2bfee8e69414723b86410ae7a4b43227e6847d
- Size
  
  96KB
- MD5
  
  70ac06f2a27f225b0a2a208a7958be20
- SHA1
  
  ad69805512e2a4d06ed21a5a4a1e5c0bb89ed32b
- SHA256
  
  aaffb6b1d0ef646e1aa2e9af0e2bfee8e69414723b86410ae7a4b43227e6847d
- SHA512
  
  b1513761a059f9ec3123061cd8adce3cdcbb422fa500c06a2dec866b160d2e39db79037acc8473b96b36650f3e2e4db1651a0cdff307157f33463ac584c59119
- SSDEEP
  
  1536:10rCEP0GjCxXWDuQ4XRrzIqOR7nGwCez1m:SLCxM4VIVtCg
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2