131c66e11c7837ee963eb63917416d085c4d290bf89ca78b4b485d75ecc00c45 | Triage

Sharing

General

Target

131c66e11c7837ee963eb63917416d085c4d290bf89ca78b4b485d75ecc00c45
Size

687KB
Sample

221123-zyebkshb3z
MD5

5349282420c16ff192c08775a152b530
SHA1

05d0906c46da03c37574240b8d8bf447f0edef31
SHA256

131c66e11c7837ee963eb63917416d085c4d290bf89ca78b4b485d75ecc00c45
SHA512

cc28e186e1c52ef56f9d9c84ed6f9cd84e8a44b2d470dc139a4d2725dd7d02e3105bbf6dd711c6203a7f59bad31f4ed9310e3e8ef57587908e2de7d0f2e867cb
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  131c66e11c7837ee963eb63917416d085c4d290bf89ca78b4b485d75ecc00c45
- Size
  
  687KB
- MD5
  
  5349282420c16ff192c08775a152b530
- SHA1
  
  05d0906c46da03c37574240b8d8bf447f0edef31
- SHA256
  
  131c66e11c7837ee963eb63917416d085c4d290bf89ca78b4b485d75ecc00c45
- SHA512
  
  cc28e186e1c52ef56f9d9c84ed6f9cd84e8a44b2d470dc139a4d2725dd7d02e3105bbf6dd711c6203a7f59bad31f4ed9310e3e8ef57587908e2de7d0f2e867cb
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2