5f963c2b54eb2a8e7c2f1fd73b394cb7a3cdc424161c5966c192424c93977b6e | Triage

Sharing

General

Target

5f963c2b54eb2a8e7c2f1fd73b394cb7a3cdc424161c5966c192424c93977b6e
Size

21KB
Sample

221121-3ffngabd95
MD5

24f9a38471e49cfa484b091b44aacd5a
SHA1

cc055dfba4900e9582c24ef5a6b3abd9d1203b52
SHA256

5f963c2b54eb2a8e7c2f1fd73b394cb7a3cdc424161c5966c192424c93977b6e
SHA512

bb1ec848b6579a3ce7e3570cd2a01dfdfca041216368403236034d36cc6cca88521a19687e9d9e48b88bd18d0de65240b2f4014e97c73f580a826a9503068f36
SSDEEP

192:ZXokc/wYXqa6qx94nkFLuyqcWeew4DoYeqgYzLYirYH1oyn9lsN8sv3hw/R/:WhLXqa6qH4mVqheen8YWKG1dsN8NR

Score

8^/10

Malware Config

Targets

- Target
  
  5f963c2b54eb2a8e7c2f1fd73b394cb7a3cdc424161c5966c192424c93977b6e
- Size
  
  21KB
- MD5
  
  24f9a38471e49cfa484b091b44aacd5a
- SHA1
  
  cc055dfba4900e9582c24ef5a6b3abd9d1203b52
- SHA256
  
  5f963c2b54eb2a8e7c2f1fd73b394cb7a3cdc424161c5966c192424c93977b6e
- SHA512
  
  bb1ec848b6579a3ce7e3570cd2a01dfdfca041216368403236034d36cc6cca88521a19687e9d9e48b88bd18d0de65240b2f4014e97c73f580a826a9503068f36
- SSDEEP
  
  192:ZXokc/wYXqa6qx94nkFLuyqcWeew4DoYeqgYzLYirYH1oyn9lsN8sv3hw/R/:WhLXqa6qH4mVqheen8YWKG1dsN8NR
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2