1072406feff04f25ec115f1395563b772058fe4973e1a1f6fecb4f273f1df75b | Triage

Sharing

General

Target

1072406feff04f25ec115f1395563b772058fe4973e1a1f6fecb4f273f1df75b
Size

36KB
Sample

221019-rb4zqabdal
MD5

551c9fbb6ae7cb8130cd2fa85d74bf87
SHA1

6cb12252a282bfcf8d03bfacc5f5d30acc189e3d
SHA256

1072406feff04f25ec115f1395563b772058fe4973e1a1f6fecb4f273f1df75b
SHA512

74c297edc7c37abcd73049b8a41e3136d4e91f614e178c3b9ba9d3e60441cba9288778dfa8cb37e0f4047483571fe72a8837961ed2c4d674861a689bf28b3ebd
SSDEEP

384:wX7QuQT375RK3l6DNDvnqzemXrJ99/BDmy4todF+HO86CxEh99yooKTe70:wbQhUMDNDvzmXrJ9Jotov+HO00doP

Score

7^/10

Malware Config

Targets

- Target
  
  1072406feff04f25ec115f1395563b772058fe4973e1a1f6fecb4f273f1df75b
- Size
  
  36KB
- MD5
  
  551c9fbb6ae7cb8130cd2fa85d74bf87
- SHA1
  
  6cb12252a282bfcf8d03bfacc5f5d30acc189e3d
- SHA256
  
  1072406feff04f25ec115f1395563b772058fe4973e1a1f6fecb4f273f1df75b
- SHA512
  
  74c297edc7c37abcd73049b8a41e3136d4e91f614e178c3b9ba9d3e60441cba9288778dfa8cb37e0f4047483571fe72a8837961ed2c4d674861a689bf28b3ebd
- SSDEEP
  
  384:wX7QuQT375RK3l6DNDvnqzemXrJ99/BDmy4todF+HO86CxEh99yooKTe70:wbQhUMDNDvzmXrJ9Jotov+HO00doP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2