82043e3fd9922ee295ab24e5fa98aa5b12272e0b4e9b0a4566ebbbdc651fcda0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82043e3fd9922ee295ab24e5fa98aa5b12272e0b4e9b0a4566ebbbdc651fcda0
Size

670KB
Sample

221029-zhhztsecf5
MD5

84c0ca7012d5eecfe169bcc89a8020d0
SHA1

fcd0985671f078cf0e24ea8a114f15d1725a2360
SHA256

82043e3fd9922ee295ab24e5fa98aa5b12272e0b4e9b0a4566ebbbdc651fcda0
SHA512

1f9b3778fed1003240d745c067d0701c2d66346de937febbacfcf560a4d57098a61b8de76f0df7ff2abce1049b3f3710a72ff26f6751dc9b452f0f770d9ddf0e
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  82043e3fd9922ee295ab24e5fa98aa5b12272e0b4e9b0a4566ebbbdc651fcda0
- Size
  
  670KB
- MD5
  
  84c0ca7012d5eecfe169bcc89a8020d0
- SHA1
  
  fcd0985671f078cf0e24ea8a114f15d1725a2360
- SHA256
  
  82043e3fd9922ee295ab24e5fa98aa5b12272e0b4e9b0a4566ebbbdc651fcda0
- SHA512
  
  1f9b3778fed1003240d745c067d0701c2d66346de937febbacfcf560a4d57098a61b8de76f0df7ff2abce1049b3f3710a72ff26f6751dc9b452f0f770d9ddf0e
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2