85d63ada869d58c67ca530db9c9df21f9566ae7785fa89da7d4011a5584bb4ea | Triage

Sharing

General

Target

85d63ada869d58c67ca530db9c9df21f9566ae7785fa89da7d4011a5584bb4ea
Size

36KB
Sample

221020-snmrmsbcg5
MD5

9016dcef9453112f9d7395be4b838b20
SHA1

7ba240da64064a20b56bca3165a7ef42653d107e
SHA256

85d63ada869d58c67ca530db9c9df21f9566ae7785fa89da7d4011a5584bb4ea
SHA512

22bd3d3b01b4f4023e6fe676969f08ae78f8a4739375f26a6fad4782c247050e90363500fbe0b3b2d5d5e96670c0deeeba5ed1d7ad4da063224aa7bc2e4b96ee
SSDEEP

384:L2dQuIXT375RK3l6DNDvnqzemXrJ99/BDmy4todF+HO86CxEh99y93KTe70:L6+hUMDNDvzmXrJ9Jotov+HO0043P

Score

7^/10

Malware Config

Targets

- Target
  
  85d63ada869d58c67ca530db9c9df21f9566ae7785fa89da7d4011a5584bb4ea
- Size
  
  36KB
- MD5
  
  9016dcef9453112f9d7395be4b838b20
- SHA1
  
  7ba240da64064a20b56bca3165a7ef42653d107e
- SHA256
  
  85d63ada869d58c67ca530db9c9df21f9566ae7785fa89da7d4011a5584bb4ea
- SHA512
  
  22bd3d3b01b4f4023e6fe676969f08ae78f8a4739375f26a6fad4782c247050e90363500fbe0b3b2d5d5e96670c0deeeba5ed1d7ad4da063224aa7bc2e4b96ee
- SSDEEP
  
  384:L2dQuIXT375RK3l6DNDvnqzemXrJ99/BDmy4todF+HO86CxEh99y93KTe70:L6+hUMDNDvzmXrJ9Jotov+HO0043P
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2