99a3a04b277180af34cc2d7785205b988c924277501d6f82da70d2033805e80a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99a3a04b277180af34cc2d7785205b988c924277501d6f82da70d2033805e80a
Size

55KB
Sample

221021-egb5nsahh8
MD5

1e055e85cc7df0fd93f9c0e0684431b1
SHA1

314078ae8b460dee526a78e9bdfd5af0fe59352c
SHA256

99a3a04b277180af34cc2d7785205b988c924277501d6f82da70d2033805e80a
SHA512

ab3c8a0ee2de30c9716bb6f042be817342ee9c04494a7f8057d1511731d0716e3515083f5f85bb475911cb15adda66199bb50b2e7a7bab459f36759ee7388f48
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfj:V3cpyORJLuB4P4AJJv4Romu/9tpvUZz

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  99a3a04b277180af34cc2d7785205b988c924277501d6f82da70d2033805e80a
- Size
  
  55KB
- MD5
  
  1e055e85cc7df0fd93f9c0e0684431b1
- SHA1
  
  314078ae8b460dee526a78e9bdfd5af0fe59352c
- SHA256
  
  99a3a04b277180af34cc2d7785205b988c924277501d6f82da70d2033805e80a
- SHA512
  
  ab3c8a0ee2de30c9716bb6f042be817342ee9c04494a7f8057d1511731d0716e3515083f5f85bb475911cb15adda66199bb50b2e7a7bab459f36759ee7388f48
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfj:V3cpyORJLuB4P4AJJv4Romu/9tpvUZz
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2