a384cca4b1f23b5db3bf4af56687e8a25b187bf8196f0fc3a15d9c2f68e93d0d | Triage

Sharing

General

Target

a384cca4b1f23b5db3bf4af56687e8a25b187bf8196f0fc3a15d9c2f68e93d0d
Size

688KB
Sample

221123-qrv63sef75
MD5

e47e2512aea2a641cf602eef14c49241
SHA1

2144adca01caa914b0f1baa881756afd2fb90681
SHA256

a384cca4b1f23b5db3bf4af56687e8a25b187bf8196f0fc3a15d9c2f68e93d0d
SHA512

0e3f9c99f8b4b7e3ed5db8ed69d4018bea0fcb76da851288739950cd43b8befc4df097953dddbf27e37702a66be9ef013bc33973d480081d51ed58a625ed6c37
SSDEEP

12288:oztjEp4VmvHUEGSIST8BrPoQeJYIsL+mxaCb:WkdaST6rLnLXB

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  a384cca4b1f23b5db3bf4af56687e8a25b187bf8196f0fc3a15d9c2f68e93d0d
- Size
  
  688KB
- MD5
  
  e47e2512aea2a641cf602eef14c49241
- SHA1
  
  2144adca01caa914b0f1baa881756afd2fb90681
- SHA256
  
  a384cca4b1f23b5db3bf4af56687e8a25b187bf8196f0fc3a15d9c2f68e93d0d
- SHA512
  
  0e3f9c99f8b4b7e3ed5db8ed69d4018bea0fcb76da851288739950cd43b8befc4df097953dddbf27e37702a66be9ef013bc33973d480081d51ed58a625ed6c37
- SSDEEP
  
  12288:oztjEp4VmvHUEGSIST8BrPoQeJYIsL+mxaCb:WkdaST6rLnLXB
Score

8^/10

evasion
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2