161c1995f4f580fa148f3b0d9cf82cb519c1d92d2deb8366bb8666367e987b13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

161c1995f4f580fa148f3b0d9cf82cb519c1d92d2deb8366bb8666367e987b13
Size

74KB
Sample

221003-ddyntsdbb5
MD5

44c3c024ec5a09f947bd57e5f4e2a8a0
SHA1

7512bb719ec31c514695737b3d8d82fce461cf43
SHA256

161c1995f4f580fa148f3b0d9cf82cb519c1d92d2deb8366bb8666367e987b13
SHA512

b10fa496e508e1318dcd30088c84553e9a59225340afa3b1932e949bca5acc763c14bc237341d179142833358914aa2652b87523e749ae5e74665efcc0f19b9a
SSDEEP

768:9LLJKk0OmxBuVtOoCrIXo6BjZDpx0pcTV6oI+DwbJKRRmWNi:NLEk0OVtOoCZ6B1p6GDwoRR/i

Score

7^/10

Malware Config

Targets

- Target
  
  161c1995f4f580fa148f3b0d9cf82cb519c1d92d2deb8366bb8666367e987b13
- Size
  
  74KB
- MD5
  
  44c3c024ec5a09f947bd57e5f4e2a8a0
- SHA1
  
  7512bb719ec31c514695737b3d8d82fce461cf43
- SHA256
  
  161c1995f4f580fa148f3b0d9cf82cb519c1d92d2deb8366bb8666367e987b13
- SHA512
  
  b10fa496e508e1318dcd30088c84553e9a59225340afa3b1932e949bca5acc763c14bc237341d179142833358914aa2652b87523e749ae5e74665efcc0f19b9a
- SSDEEP
  
  768:9LLJKk0OmxBuVtOoCrIXo6BjZDpx0pcTV6oI+DwbJKRRmWNi:NLEk0OVtOoCZ6B1p6GDwoRR/i
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2