844c016c9df09432f82f2a353151ca110c2474c7cb5f09c54ebc64952dd1174d | Triage

Sharing

General

Target

844c016c9df09432f82f2a353151ca110c2474c7cb5f09c54ebc64952dd1174d
Size

20KB
Sample

221125-pqk42sbg6z
MD5

466de94a93c16b231e00bc238ca18958
SHA1

65a2ac38811889f95d8ee22f7ec2c338d82eac62
SHA256

844c016c9df09432f82f2a353151ca110c2474c7cb5f09c54ebc64952dd1174d
SHA512

7135f183d0cfc3dbe194c00c28acf482317849a951184cdef20215a598fa6bace7d05673bdcb61b36c0697746f0130f4ba2304076f5632b1cf225cbad00136b5
SSDEEP

192:gKsOC3fW6S8Pl9WCA2WEoq1hDqYbhp1gHZzQ8Hb/Pk4KwNJGGgSkvY:PqnSeZA2IqDDqYbhpGHZdHbn6ZGP

Score

8^/10

Malware Config

Targets

- Target
  
  844c016c9df09432f82f2a353151ca110c2474c7cb5f09c54ebc64952dd1174d
- Size
  
  20KB
- MD5
  
  466de94a93c16b231e00bc238ca18958
- SHA1
  
  65a2ac38811889f95d8ee22f7ec2c338d82eac62
- SHA256
  
  844c016c9df09432f82f2a353151ca110c2474c7cb5f09c54ebc64952dd1174d
- SHA512
  
  7135f183d0cfc3dbe194c00c28acf482317849a951184cdef20215a598fa6bace7d05673bdcb61b36c0697746f0130f4ba2304076f5632b1cf225cbad00136b5
- SSDEEP
  
  192:gKsOC3fW6S8Pl9WCA2WEoq1hDqYbhp1gHZzQ8Hb/Pk4KwNJGGgSkvY:PqnSeZA2IqDDqYbhpGHZdHbn6ZGP
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2