6c6654fb1aa859d95a8e19c709d53688b8c8c9ba59e883a62ea16f86619abf2f | Triage

Sharing

General

Target

6c6654fb1aa859d95a8e19c709d53688b8c8c9ba59e883a62ea16f86619abf2f
Size

20KB
Sample

221003-t1szvsehap
MD5

1865a0867c1929dcc27cc10ffc2d3fee
SHA1

4f0f2f0d9663a5848f96802624b1e89f228dd143
SHA256

6c6654fb1aa859d95a8e19c709d53688b8c8c9ba59e883a62ea16f86619abf2f
SHA512

0d3b4d2d52fbba987d98f4cd56331cd6a8a2ba86f9c2c9df326db8b4ec88756fcfc11ef68ae1d71d4939ca20a966181fecb82981f00a93b1a795e9b8d855fb28
SSDEEP

384:3Vdi0x0fZsDiM3PfsBhnRGjLbjnsJz9JQTQ5/1:3VdLx0f41ETZJH59

Score

7^/10

Malware Config

Targets

- Target
  
  6c6654fb1aa859d95a8e19c709d53688b8c8c9ba59e883a62ea16f86619abf2f
- Size
  
  20KB
- MD5
  
  1865a0867c1929dcc27cc10ffc2d3fee
- SHA1
  
  4f0f2f0d9663a5848f96802624b1e89f228dd143
- SHA256
  
  6c6654fb1aa859d95a8e19c709d53688b8c8c9ba59e883a62ea16f86619abf2f
- SHA512
  
  0d3b4d2d52fbba987d98f4cd56331cd6a8a2ba86f9c2c9df326db8b4ec88756fcfc11ef68ae1d71d4939ca20a966181fecb82981f00a93b1a795e9b8d855fb28
- SSDEEP
  
  384:3Vdi0x0fZsDiM3PfsBhnRGjLbjnsJz9JQTQ5/1:3VdLx0f41ETZJH59
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2