d67bedd4d6e447a8070fe00d418e874b5e942041debc4c31dcd1c8194b810420 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d67bedd4d6e447a8070fe00d418e874b5e942041debc4c31dcd1c8194b810420
Size

1.3MB
Sample

221019-vap1ysgce9
MD5

8286cbe2ae68e0fe1def5f49987e2fa4
SHA1

43174fe32da0aa67594595fc273ca2fdb24a5d8e
SHA256

d67bedd4d6e447a8070fe00d418e874b5e942041debc4c31dcd1c8194b810420
SHA512

51d80ae1c56b6581bafee0f1acb1807b2dc5aca983e0bab8d78a276266efc46ae2731717ce17e69af774e540b6afc1223810b6f8039208faf81e2d14bc7692be
SSDEEP

24576:Wi14HEntb6qqW0BtSasydx+/gWD2BND6t3LYXIH1qMQo8:W1HSwKX2zWYYH8o8

Score

8^/10

Malware Config

Targets

- Target
  
  d67bedd4d6e447a8070fe00d418e874b5e942041debc4c31dcd1c8194b810420
- Size
  
  1.3MB
- MD5
  
  8286cbe2ae68e0fe1def5f49987e2fa4
- SHA1
  
  43174fe32da0aa67594595fc273ca2fdb24a5d8e
- SHA256
  
  d67bedd4d6e447a8070fe00d418e874b5e942041debc4c31dcd1c8194b810420
- SHA512
  
  51d80ae1c56b6581bafee0f1acb1807b2dc5aca983e0bab8d78a276266efc46ae2731717ce17e69af774e540b6afc1223810b6f8039208faf81e2d14bc7692be
- SSDEEP
  
  24576:Wi14HEntb6qqW0BtSasydx+/gWD2BND6t3LYXIH1qMQo8:W1HSwKX2zWYYH8o8
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2