9b6fc83b4286a6f73ff4711fe2d3c43eac0c8339056b9cf97aa94c2bf8176c38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b6fc83b4286a6f73ff4711fe2d3c43eac0c8339056b9cf97aa94c2bf8176c38
Size

55KB
Sample

221028-wbwessgha5
MD5

0065efe2277c085de7617e39e4c1a9ba
SHA1

d9eda2ced71daa3cd859bc4972fb8c7ba54c5752
SHA256

9b6fc83b4286a6f73ff4711fe2d3c43eac0c8339056b9cf97aa94c2bf8176c38
SHA512

c2febc07ab403047dab26abe150a014d141a4613abcf76b9e7deff3db0d36ef4072e6d084ee63bc9b9167794fe667f655bfdd7268f66af94da6d592114c3618c
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfm:V3cpyORJLuB4P4AJJv4Romu/9tpvUZW

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  9b6fc83b4286a6f73ff4711fe2d3c43eac0c8339056b9cf97aa94c2bf8176c38
- Size
  
  55KB
- MD5
  
  0065efe2277c085de7617e39e4c1a9ba
- SHA1
  
  d9eda2ced71daa3cd859bc4972fb8c7ba54c5752
- SHA256
  
  9b6fc83b4286a6f73ff4711fe2d3c43eac0c8339056b9cf97aa94c2bf8176c38
- SHA512
  
  c2febc07ab403047dab26abe150a014d141a4613abcf76b9e7deff3db0d36ef4072e6d084ee63bc9b9167794fe667f655bfdd7268f66af94da6d592114c3618c
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfm:V3cpyORJLuB4P4AJJv4Romu/9tpvUZW
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2