b0c457c0ec44a703e2f84aecb788dce2d61eb62735dc4266d9f97595a024fff5 | Triage

Sharing

General

Target

b0c457c0ec44a703e2f84aecb788dce2d61eb62735dc4266d9f97595a024fff5
Size

32KB
Sample

221123-xpql5sff48
MD5

58e08f0b8ac3469ec2a9b13a98a67c80
SHA1

fcd30f864303bdb1318406f85a8df32e3b5639bd
SHA256

b0c457c0ec44a703e2f84aecb788dce2d61eb62735dc4266d9f97595a024fff5
SHA512

346668dbf77d3f345d34837e335d7ba17b65c4534503474cf695e6e271678f9f31b7cb27169ff7d96edfb45deed2a13949512ab335bb44b2c26fa115e2e59be9
SSDEEP

384:+IRenzGwKAZ5OPFyybJBqEWDErnUOoyRBYtih/5w5lkWniT1:+IczCAZ5CFWDEBosYAhhalFn4

Score

7^/10

Malware Config

Targets

- Target
  
  b0c457c0ec44a703e2f84aecb788dce2d61eb62735dc4266d9f97595a024fff5
- Size
  
  32KB
- MD5
  
  58e08f0b8ac3469ec2a9b13a98a67c80
- SHA1
  
  fcd30f864303bdb1318406f85a8df32e3b5639bd
- SHA256
  
  b0c457c0ec44a703e2f84aecb788dce2d61eb62735dc4266d9f97595a024fff5
- SHA512
  
  346668dbf77d3f345d34837e335d7ba17b65c4534503474cf695e6e271678f9f31b7cb27169ff7d96edfb45deed2a13949512ab335bb44b2c26fa115e2e59be9
- SSDEEP
  
  384:+IRenzGwKAZ5OPFyybJBqEWDErnUOoyRBYtih/5w5lkWniT1:+IczCAZ5CFWDEBosYAhhalFn4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2