fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3 | Triage

Sharing

General

Target

fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3
Size

36KB
Sample

221123-vnpmcacd9v
MD5

4c17860ac6d57d345d1ba7f87f524800
SHA1

77d893ccfcae930052aa3410cb3f3b11ffbb5b28
SHA256

fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3
SHA512

452ef704628c64acba447e7a0a6eb9f047ad56bd8c0bff02ac12b9d6eb1ad956afe9711e8832c12ee586ded5af70f9a7cb767fc03979ffdbe8f21a489b4f31f1
SSDEEP

384:lmnQcDDT375RK3l6DNDvnqzemXrJ99/BDmy4todF+HO86CxEh99yRlKTe70:li3hUMDNDvzmXrJ9Jotov+HO000lP

Score

7^/10

Malware Config

Targets

- Target
  
  fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3
- Size
  
  36KB
- MD5
  
  4c17860ac6d57d345d1ba7f87f524800
- SHA1
  
  77d893ccfcae930052aa3410cb3f3b11ffbb5b28
- SHA256
  
  fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3
- SHA512
  
  452ef704628c64acba447e7a0a6eb9f047ad56bd8c0bff02ac12b9d6eb1ad956afe9711e8832c12ee586ded5af70f9a7cb767fc03979ffdbe8f21a489b4f31f1
- SSDEEP
  
  384:lmnQcDDT375RK3l6DNDvnqzemXrJ99/BDmy4todF+HO86CxEh99yRlKTe70:li3hUMDNDvzmXrJ9Jotov+HO000lP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2