a42fad2d41ffaf212ad212c8b3fb100c2c9a60294fbb5f52805f98d89b6d4d59 | Triage

Sharing

General

Target

a42fad2d41ffaf212ad212c8b3fb100c2c9a60294fbb5f52805f98d89b6d4d59
Size

21KB
Sample

221123-mqmxjaeg28
MD5

dca91aa843ee50a20186d08dff81e5f6
SHA1

da577716dd9d7c0b8ca5316b8526a1c8c4ac3574
SHA256

a42fad2d41ffaf212ad212c8b3fb100c2c9a60294fbb5f52805f98d89b6d4d59
SHA512

68c6c267c820233ecbff8fc1c358bfa3777506ca49ebc970c825f5102297aa4aaacf2609a19d57c3b9834878f86a0bfadc8f86514aee5ce7f2b51c04ee37fe73
SSDEEP

384:XoU6XoFlRrEFZmw0yZZfPYmbYr14ZN8Jv:XNlZEFQw0yZpPbib

Score

8^/10

Malware Config

Targets

- Target
  
  a42fad2d41ffaf212ad212c8b3fb100c2c9a60294fbb5f52805f98d89b6d4d59
- Size
  
  21KB
- MD5
  
  dca91aa843ee50a20186d08dff81e5f6
- SHA1
  
  da577716dd9d7c0b8ca5316b8526a1c8c4ac3574
- SHA256
  
  a42fad2d41ffaf212ad212c8b3fb100c2c9a60294fbb5f52805f98d89b6d4d59
- SHA512
  
  68c6c267c820233ecbff8fc1c358bfa3777506ca49ebc970c825f5102297aa4aaacf2609a19d57c3b9834878f86a0bfadc8f86514aee5ce7f2b51c04ee37fe73
- SSDEEP
  
  384:XoU6XoFlRrEFZmw0yZZfPYmbYr14ZN8Jv:XNlZEFQw0yZpPbib
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2