baf99e7e22e7a8e5419b9f5fe971376f7f335489b7dfc8ce0476561d70f8b7d3 | Triage

Sharing

General

Target

baf99e7e22e7a8e5419b9f5fe971376f7f335489b7dfc8ce0476561d70f8b7d3
Size

113KB
Sample

221123-zp78asde38
MD5

1b6e444ba7241ccaed3fb67e191cf605
SHA1

885b749ced5993737081b47dcb490cce18498af9
SHA256

baf99e7e22e7a8e5419b9f5fe971376f7f335489b7dfc8ce0476561d70f8b7d3
SHA512

eb4c6a3d5f91b5851808124b6f4d5437988c26136c78ea1b7e9d64e107e6a2d04a442955dfae57be18cebbfabbdee3e7bdcd6116bd32c1538c2b1070ee694f67
SSDEEP

3072:QuiBG6IggKenHasq9y25XquxAzflFEHURitEHyp+xAFSdsmFIb:hggKen6sQy+quegw1AF/1

Score

7^/10

Malware Config

Targets

- Target
  
  baf99e7e22e7a8e5419b9f5fe971376f7f335489b7dfc8ce0476561d70f8b7d3
- Size
  
  113KB
- MD5
  
  1b6e444ba7241ccaed3fb67e191cf605
- SHA1
  
  885b749ced5993737081b47dcb490cce18498af9
- SHA256
  
  baf99e7e22e7a8e5419b9f5fe971376f7f335489b7dfc8ce0476561d70f8b7d3
- SHA512
  
  eb4c6a3d5f91b5851808124b6f4d5437988c26136c78ea1b7e9d64e107e6a2d04a442955dfae57be18cebbfabbdee3e7bdcd6116bd32c1538c2b1070ee694f67
- SSDEEP
  
  3072:QuiBG6IggKenHasq9y25XquxAzflFEHURitEHyp+xAFSdsmFIb:hggKen6sQy+quegw1AF/1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2