55625747af51229ec95778c2ea61d14d43f0e68c4fcff4218ab913da2f8a879a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55625747af51229ec95778c2ea61d14d43f0e68c4fcff4218ab913da2f8a879a
Size

40KB
Sample

221030-gpzl2sege3
MD5

9348a0255b5daf9eb0874531044db280
SHA1

9a7f4d5fb79cbf9cbc0a4e831e82f51763165d91
SHA256

55625747af51229ec95778c2ea61d14d43f0e68c4fcff4218ab913da2f8a879a
SHA512

89309f9ba0e3fbea828167afa09d8249f286bfad1d3f16b0d393e2122bf7928fa217e99572c2510ac4ec28021bf0bb2d712208a7a7ddba347852021670b464e4
SSDEEP

384:Nrm6ZBF06LtRkzItZpvBXi0WZlzSZsHYRxySz15IL6ps2QdhA4I7m3htnzh:9HBF06J14ZlIxySz15qAstN

Score

7^/10

Malware Config

Targets

- Target
  
  55625747af51229ec95778c2ea61d14d43f0e68c4fcff4218ab913da2f8a879a
- Size
  
  40KB
- MD5
  
  9348a0255b5daf9eb0874531044db280
- SHA1
  
  9a7f4d5fb79cbf9cbc0a4e831e82f51763165d91
- SHA256
  
  55625747af51229ec95778c2ea61d14d43f0e68c4fcff4218ab913da2f8a879a
- SHA512
  
  89309f9ba0e3fbea828167afa09d8249f286bfad1d3f16b0d393e2122bf7928fa217e99572c2510ac4ec28021bf0bb2d712208a7a7ddba347852021670b464e4
- SSDEEP
  
  384:Nrm6ZBF06LtRkzItZpvBXi0WZlzSZsHYRxySz15IL6ps2QdhA4I7m3htnzh:9HBF06J14ZlIxySz15qAstN
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2