d16f1f512e1251f573a9286afa7fba25facf1380e810215d16aa83babcec59e8 | Triage

Sharing

General

Target

d16f1f512e1251f573a9286afa7fba25facf1380e810215d16aa83babcec59e8
Size

648KB
Sample

221011-f5nztagbf4
MD5

68b4673152111ecc0526533c9f19ad90
SHA1

358a23e378e6656b85dff24f438cfb06d0b16b3d
SHA256

d16f1f512e1251f573a9286afa7fba25facf1380e810215d16aa83babcec59e8
SHA512

b5370d06498ff62e2853db37b0596d07eb29407c11d9d2e3d78b3771ee15644a5cfe758f5c144556d64c6101d9bfcaa5053c4288a7d4dd036e05fc9969ad6135
SSDEEP

12288:OHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:ODgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  d16f1f512e1251f573a9286afa7fba25facf1380e810215d16aa83babcec59e8
- Size
  
  648KB
- MD5
  
  68b4673152111ecc0526533c9f19ad90
- SHA1
  
  358a23e378e6656b85dff24f438cfb06d0b16b3d
- SHA256
  
  d16f1f512e1251f573a9286afa7fba25facf1380e810215d16aa83babcec59e8
- SHA512
  
  b5370d06498ff62e2853db37b0596d07eb29407c11d9d2e3d78b3771ee15644a5cfe758f5c144556d64c6101d9bfcaa5053c4288a7d4dd036e05fc9969ad6135
- SSDEEP
  
  12288:OHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:ODgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2