88eb97d1266dee347a33422d105af7d0e5a8230b092fce13fe1784c274059d0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88eb97d1266dee347a33422d105af7d0e5a8230b092fce13fe1784c274059d0b
Size

55KB
Sample

221020-tm9epachh9
MD5

962f8b93ad19ed2112f7ad2137973af6
SHA1

ff0e13055f78d820162e2f518c9f08bf01642265
SHA256

88eb97d1266dee347a33422d105af7d0e5a8230b092fce13fe1784c274059d0b
SHA512

66954355f2b4b6884c470c68ea87742b8f1a5762fe636ccd034a7165dbc55e35762fb0fb6bb617ad212f2fb430697bb9c8b128cae96eb83a10d042304c24b2c0
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfV:V3cpyORJLuB4P4AJJv4Romu/9tpvUZF

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  88eb97d1266dee347a33422d105af7d0e5a8230b092fce13fe1784c274059d0b
- Size
  
  55KB
- MD5
  
  962f8b93ad19ed2112f7ad2137973af6
- SHA1
  
  ff0e13055f78d820162e2f518c9f08bf01642265
- SHA256
  
  88eb97d1266dee347a33422d105af7d0e5a8230b092fce13fe1784c274059d0b
- SHA512
  
  66954355f2b4b6884c470c68ea87742b8f1a5762fe636ccd034a7165dbc55e35762fb0fb6bb617ad212f2fb430697bb9c8b128cae96eb83a10d042304c24b2c0
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfV:V3cpyORJLuB4P4AJJv4Romu/9tpvUZF
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2