a7b5728c7a9396f74c8cff76311816913dd8930f86904ef8266e8a0d52c4f46f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7b5728c7a9396f74c8cff76311816913dd8930f86904ef8266e8a0d52c4f46f
Size

692KB
Sample

221106-fs6n4agbeq
MD5

28adca8e192d9ba1855693482d6faaa0
SHA1

d2470f4cbbe736db3be861d6266ed199e33598df
SHA256

a7b5728c7a9396f74c8cff76311816913dd8930f86904ef8266e8a0d52c4f46f
SHA512

2d80bea3a68b9ef9941bfb2eac7e93fcf9cbbaa9bb908c73e577f6ebf7a541ab999c36adc63fd33863a003e37d1d79a377e6d2ffba83bb85729ae94e31b34ab2
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  a7b5728c7a9396f74c8cff76311816913dd8930f86904ef8266e8a0d52c4f46f
- Size
  
  692KB
- MD5
  
  28adca8e192d9ba1855693482d6faaa0
- SHA1
  
  d2470f4cbbe736db3be861d6266ed199e33598df
- SHA256
  
  a7b5728c7a9396f74c8cff76311816913dd8930f86904ef8266e8a0d52c4f46f
- SHA512
  
  2d80bea3a68b9ef9941bfb2eac7e93fcf9cbbaa9bb908c73e577f6ebf7a541ab999c36adc63fd33863a003e37d1d79a377e6d2ffba83bb85729ae94e31b34ab2
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2