ac2745651a4dbdabb4f6febeb97456f66551b55e489efd3ffa8769abda33c486 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac2745651a4dbdabb4f6febeb97456f66551b55e489efd3ffa8769abda33c486
Size

1.4MB
Sample

221107-gwev8aeagm
MD5

17f4c30d9a539768a234cf175ec55601
SHA1

157ff806977efca870fdbbd5647ac1580d0d90cc
SHA256

ac2745651a4dbdabb4f6febeb97456f66551b55e489efd3ffa8769abda33c486
SHA512

9076c9e1b35cb0768a43885a1c27ac02fb30624bbffb8678a6a2f98d8a3de91163f97ea24f59dc9b6127285c2031e13889c7c8dc05a4b17d8faad518a5e42b84
SSDEEP

24576:3qi2Dv7gosohG20JaB7SNWa6StffOSqICV+GKTMiaIH1qMQheH:lCb9SL60ql+3H8hg

Score

8^/10

Malware Config

Targets

- Target
  
  ac2745651a4dbdabb4f6febeb97456f66551b55e489efd3ffa8769abda33c486
- Size
  
  1.4MB
- MD5
  
  17f4c30d9a539768a234cf175ec55601
- SHA1
  
  157ff806977efca870fdbbd5647ac1580d0d90cc
- SHA256
  
  ac2745651a4dbdabb4f6febeb97456f66551b55e489efd3ffa8769abda33c486
- SHA512
  
  9076c9e1b35cb0768a43885a1c27ac02fb30624bbffb8678a6a2f98d8a3de91163f97ea24f59dc9b6127285c2031e13889c7c8dc05a4b17d8faad518a5e42b84
- SSDEEP
  
  24576:3qi2Dv7gosohG20JaB7SNWa6StffOSqICV+GKTMiaIH1qMQheH:lCb9SL60ql+3H8hg
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2