c179d27a6c78b5abc44aa096d3a1bbe261f2f45a26fabef749a206ff4e20b781 | Triage

Sharing

General

Target

c179d27a6c78b5abc44aa096d3a1bbe261f2f45a26fabef749a206ff4e20b781
Size

643KB
Sample

221106-fsw5nadfc3
MD5

2067676e64185253657e0191bb528520
SHA1

2b066a9b3306415ff43a09b9b6a8b8a3693c217f
SHA256

c179d27a6c78b5abc44aa096d3a1bbe261f2f45a26fabef749a206ff4e20b781
SHA512

a2b5f83cee40df007ca13e9f7a3d42165b9f34f5afe9e5ced84054718dad80fca3135881164636cd752f1f25634174a4f4e0ad4655320370cf882f615db2e95f
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  c179d27a6c78b5abc44aa096d3a1bbe261f2f45a26fabef749a206ff4e20b781
- Size
  
  643KB
- MD5
  
  2067676e64185253657e0191bb528520
- SHA1
  
  2b066a9b3306415ff43a09b9b6a8b8a3693c217f
- SHA256
  
  c179d27a6c78b5abc44aa096d3a1bbe261f2f45a26fabef749a206ff4e20b781
- SHA512
  
  a2b5f83cee40df007ca13e9f7a3d42165b9f34f5afe9e5ced84054718dad80fca3135881164636cd752f1f25634174a4f4e0ad4655320370cf882f615db2e95f
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2