43d89b21ae304c697c25c0f2e29bbb1901ca0b69368461a211a6f2f5be088625 | Triage

Sharing

General

Target

43d89b21ae304c697c25c0f2e29bbb1901ca0b69368461a211a6f2f5be088625
Size

1.1MB
Sample

221107-g3f2vscae7
MD5

20781fbaa7123fc73c8de56bca10794d
SHA1

3a815da83654d8454a1d092847a2a28efc4c408e
SHA256

43d89b21ae304c697c25c0f2e29bbb1901ca0b69368461a211a6f2f5be088625
SHA512

b4669a33e31220712fbe160f7e4b4242a7c6dc7a4544cd447a353a3e2fa304a7b2990ad6f0b7e7e719ec6efdd5ab731f30c146cfe90e9abc157bd221252ca1a9
SSDEEP

24576:w/0peow6/GmPN760aABzSbE0nc4v2o6IsQPTYDIH17GwoYS:vTbVSrz6nWH1GPh

Score

8^/10

Malware Config

Targets

- Target
  
  43d89b21ae304c697c25c0f2e29bbb1901ca0b69368461a211a6f2f5be088625
- Size
  
  1.1MB
- MD5
  
  20781fbaa7123fc73c8de56bca10794d
- SHA1
  
  3a815da83654d8454a1d092847a2a28efc4c408e
- SHA256
  
  43d89b21ae304c697c25c0f2e29bbb1901ca0b69368461a211a6f2f5be088625
- SHA512
  
  b4669a33e31220712fbe160f7e4b4242a7c6dc7a4544cd447a353a3e2fa304a7b2990ad6f0b7e7e719ec6efdd5ab731f30c146cfe90e9abc157bd221252ca1a9
- SSDEEP
  
  24576:w/0peow6/GmPN760aABzSbE0nc4v2o6IsQPTYDIH17GwoYS:vTbVSrz6nWH1GPh
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2