38bf026f703f1047dfc63aa1a4f51c6455a0cd4e496879dacd7f49673eff8cc0 | Triage

Sharing

General

Target

38bf026f703f1047dfc63aa1a4f51c6455a0cd4e496879dacd7f49673eff8cc0
Size

127KB
Sample

221106-qyvtwsdgf5
MD5

0ed52c86604e8097bffd866083be2a34
SHA1

e2a5e42db4540ba820d76dc1d70f5f9e885f18cb
SHA256

38bf026f703f1047dfc63aa1a4f51c6455a0cd4e496879dacd7f49673eff8cc0
SHA512

debb951915724d405eb87e601753773195c92178ce603ed0b0ca22c92122118215b7ead778fb24d638acb14341bb288142c7acbefce8a06bd508eae1b1055fa4
SSDEEP

3072:tWIVzl1GSJLLpgmGj8g5ZQXMmwI+QXMmwI23:gIVzl3LumGGMazMa23

Score

8^/10

Malware Config

Targets

- Target
  
  38bf026f703f1047dfc63aa1a4f51c6455a0cd4e496879dacd7f49673eff8cc0
- Size
  
  127KB
- MD5
  
  0ed52c86604e8097bffd866083be2a34
- SHA1
  
  e2a5e42db4540ba820d76dc1d70f5f9e885f18cb
- SHA256
  
  38bf026f703f1047dfc63aa1a4f51c6455a0cd4e496879dacd7f49673eff8cc0
- SHA512
  
  debb951915724d405eb87e601753773195c92178ce603ed0b0ca22c92122118215b7ead778fb24d638acb14341bb288142c7acbefce8a06bd508eae1b1055fa4
- SSDEEP
  
  3072:tWIVzl1GSJLLpgmGj8g5ZQXMmwI+QXMmwI23:gIVzl3LumGGMazMa23
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2