4fb87e41ca91094ad1de146e5d53e65870fd7ade571f79cea28b11ee6aebaa5a | Triage

Sharing

General

Target

4fb87e41ca91094ad1de146e5d53e65870fd7ade571f79cea28b11ee6aebaa5a
Size

48KB
Sample

221019-rbygyabcgr
MD5

a1a7f36c3b0d7ad6218456fe6541d050
SHA1

b2e033a6d29ade282feba036dcd6cf3d15c9fb34
SHA256

4fb87e41ca91094ad1de146e5d53e65870fd7ade571f79cea28b11ee6aebaa5a
SHA512

6b75257be9b975ca403e0ee25136d0af0ca24890edca14acdc39ac98da29f46b023586194d1bd9e9fa539fcd3ee76ebf357047e0c457c84cc9e1248975468506
SSDEEP

768:2C1JqcBnOR7NTgb2UHtaZH6yDC9VavyOAVx8:2CFKVgBqCWvDox8

Score

7^/10

Malware Config

Targets

- Target
  
  4fb87e41ca91094ad1de146e5d53e65870fd7ade571f79cea28b11ee6aebaa5a
- Size
  
  48KB
- MD5
  
  a1a7f36c3b0d7ad6218456fe6541d050
- SHA1
  
  b2e033a6d29ade282feba036dcd6cf3d15c9fb34
- SHA256
  
  4fb87e41ca91094ad1de146e5d53e65870fd7ade571f79cea28b11ee6aebaa5a
- SHA512
  
  6b75257be9b975ca403e0ee25136d0af0ca24890edca14acdc39ac98da29f46b023586194d1bd9e9fa539fcd3ee76ebf357047e0c457c84cc9e1248975468506
- SSDEEP
  
  768:2C1JqcBnOR7NTgb2UHtaZH6yDC9VavyOAVx8:2CFKVgBqCWvDox8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2