679bf0b7dd9411bc2d25a70b5352def409ce74ace46705e2df846cce9087eb7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

679bf0b7dd9411bc2d25a70b5352def409ce74ace46705e2df846cce9087eb7b
Size

678KB
Sample

221107-d99e7sfcf4
MD5

013a01d1d7b6768c6d7c71f25cbb9695
SHA1

6890c709f7617ba8f59812a401d37c1894c0da95
SHA256

679bf0b7dd9411bc2d25a70b5352def409ce74ace46705e2df846cce9087eb7b
SHA512

7d3970c9b86c3b467e35aa030f3cf1c5f5a99c414968d6d2f38067389d2032f82dc8c7c30311a3bafbb1d2d24969ce199404ccfa3eb808c18144cd423135e537
SSDEEP

12288:pCF8GZoBiS9F1aY8+8XBavsNxQ9wtlHRSMmvslNKaen9:pCe6S9naY8pcszUYHRSMm0lNKaC9

Score

8^/10

Malware Config

Targets

- Target
  
  679bf0b7dd9411bc2d25a70b5352def409ce74ace46705e2df846cce9087eb7b
- Size
  
  678KB
- MD5
  
  013a01d1d7b6768c6d7c71f25cbb9695
- SHA1
  
  6890c709f7617ba8f59812a401d37c1894c0da95
- SHA256
  
  679bf0b7dd9411bc2d25a70b5352def409ce74ace46705e2df846cce9087eb7b
- SHA512
  
  7d3970c9b86c3b467e35aa030f3cf1c5f5a99c414968d6d2f38067389d2032f82dc8c7c30311a3bafbb1d2d24969ce199404ccfa3eb808c18144cd423135e537
- SSDEEP
  
  12288:pCF8GZoBiS9F1aY8+8XBavsNxQ9wtlHRSMmvslNKaen9:pCe6S9naY8pcszUYHRSMm0lNKaC9
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2