b116eaa14d9c947b1f7c4b6368d2a9bb29ae297f0e0fbc5fed8c185355ab6874 | Triage

Sharing

General

Target

b116eaa14d9c947b1f7c4b6368d2a9bb29ae297f0e0fbc5fed8c185355ab6874
Size

76KB
Sample

221002-swqhhaeaen
MD5

6b45e97402c483b4aca61f3f70f26848
SHA1

40199f38a00da11048d10afba26f953b782a403a
SHA256

b116eaa14d9c947b1f7c4b6368d2a9bb29ae297f0e0fbc5fed8c185355ab6874
SHA512

ee0e4496368fcd48618eef17b6c2f9234db12fc91188e346490331df1f9a9070d2da3aabae6f2f5c49049a30e38ae7228a1056168ce32e8b8ca73a7baa67919e
SSDEEP

1536:xidlOpARzc+o3Kef6b4BnnjmNHp0HHJazt+ZeR9:MdguxfbknywHHJaRB9

Score

7^/10

Malware Config

Targets

- Target
  
  b116eaa14d9c947b1f7c4b6368d2a9bb29ae297f0e0fbc5fed8c185355ab6874
- Size
  
  76KB
- MD5
  
  6b45e97402c483b4aca61f3f70f26848
- SHA1
  
  40199f38a00da11048d10afba26f953b782a403a
- SHA256
  
  b116eaa14d9c947b1f7c4b6368d2a9bb29ae297f0e0fbc5fed8c185355ab6874
- SHA512
  
  ee0e4496368fcd48618eef17b6c2f9234db12fc91188e346490331df1f9a9070d2da3aabae6f2f5c49049a30e38ae7228a1056168ce32e8b8ca73a7baa67919e
- SSDEEP
  
  1536:xidlOpARzc+o3Kef6b4BnnjmNHp0HHJazt+ZeR9:MdguxfbknywHHJaRB9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2