ca1ebc200bab237a262fc3c95eb758cdc184e740920f58419c148539487b5fa4 | Triage

Sharing

General

Target

ca1ebc200bab237a262fc3c95eb758cdc184e740920f58419c148539487b5fa4
Size

107KB
Sample

221030-yd85sagaa4
MD5

a10a405c29a4e7287e7f07ca2a48eed0
SHA1

5d0c590212dd836f5866685098d9874ffeb9094d
SHA256

ca1ebc200bab237a262fc3c95eb758cdc184e740920f58419c148539487b5fa4
SHA512

613f0e57fd4589b6ffe29886deda60f0a3758226599a664e58cc9a9e32e94b82d23d7d158fe50e927aa4461fef9fe64a4ee16d0ab53c811baaa80b72f1763103
SSDEEP

1536:dgGlPXkg5TiVOhA9Z4heidGVzoSL99vKlZjuTCdOpi353BlxLg2VhJu:dgYX0VOQSw31oSLHvKlZ8CdOpG3Blxf

Score

7^/10

Malware Config

Targets

- Target
  
  ca1ebc200bab237a262fc3c95eb758cdc184e740920f58419c148539487b5fa4
- Size
  
  107KB
- MD5
  
  a10a405c29a4e7287e7f07ca2a48eed0
- SHA1
  
  5d0c590212dd836f5866685098d9874ffeb9094d
- SHA256
  
  ca1ebc200bab237a262fc3c95eb758cdc184e740920f58419c148539487b5fa4
- SHA512
  
  613f0e57fd4589b6ffe29886deda60f0a3758226599a664e58cc9a9e32e94b82d23d7d158fe50e927aa4461fef9fe64a4ee16d0ab53c811baaa80b72f1763103
- SSDEEP
  
  1536:dgGlPXkg5TiVOhA9Z4heidGVzoSL99vKlZjuTCdOpi353BlxLg2VhJu:dgYX0VOQSw31oSLHvKlZ8CdOpG3Blxf
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2