8c296d430abac760027b4fe41693f350415016b5ed7afc92a6e845bc13530ed9 | Triage

Sharing

General

Target

8c296d430abac760027b4fe41693f350415016b5ed7afc92a6e845bc13530ed9
Size

1.3MB
Sample

221020-vpxpcaegak
MD5

a03f86a4e038f58c3200d1350cd50582
SHA1

8fc711f15e31cde03dc674939d3de2e995887818
SHA256

8c296d430abac760027b4fe41693f350415016b5ed7afc92a6e845bc13530ed9
SHA512

f1bd74d8ddc189d35936021fb10c6e47a1476e57be886514b9147af6223ce8557422c79e8a4285bf91fb6c5381042689c69f1282060858b0a07357d655661be7
SSDEEP

24576:Li14HEntb6qqW0BtSasydx+/gWD2BND6t3LYXIH1qMQoRS8:L1HSwKX2zWYYH8o5

Score

8^/10

Malware Config

Targets

- Target
  
  8c296d430abac760027b4fe41693f350415016b5ed7afc92a6e845bc13530ed9
- Size
  
  1.3MB
- MD5
  
  a03f86a4e038f58c3200d1350cd50582
- SHA1
  
  8fc711f15e31cde03dc674939d3de2e995887818
- SHA256
  
  8c296d430abac760027b4fe41693f350415016b5ed7afc92a6e845bc13530ed9
- SHA512
  
  f1bd74d8ddc189d35936021fb10c6e47a1476e57be886514b9147af6223ce8557422c79e8a4285bf91fb6c5381042689c69f1282060858b0a07357d655661be7
- SSDEEP
  
  24576:Li14HEntb6qqW0BtSasydx+/gWD2BND6t3LYXIH1qMQoRS8:L1HSwKX2zWYYH8o5
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2