7259b1adda698861a8251685887953d892dff2eb5b141d9051db03cbfcc2c76a | Triage

Sharing

General

Target

7259b1adda698861a8251685887953d892dff2eb5b141d9051db03cbfcc2c76a
Size

20KB
Sample

221125-pql2cagf32
MD5

8f602ab1e9288adbb80a93e50bdbe144
SHA1

0a06eb7e96f90b0269e97e58355e63b5da312a7e
SHA256

7259b1adda698861a8251685887953d892dff2eb5b141d9051db03cbfcc2c76a
SHA512

bcefff73a91df94e290699dbf3ee4e5be8b9848d6f95dadfac263e0b1d2277bf9eb7aa5896a71aa0e5c3d11d46c4ef242e5b058dcfecdaff7052a9166a45f309
SSDEEP

192:q6sZ4jROJmZPaFGekYP0pEkQY1oyn7s08GIcHzrq0FnPEN2eby:qX4jRmsaQeDPvA1hs08oHzBFMN2p

Score

8^/10

Malware Config

Targets

- Target
  
  7259b1adda698861a8251685887953d892dff2eb5b141d9051db03cbfcc2c76a
- Size
  
  20KB
- MD5
  
  8f602ab1e9288adbb80a93e50bdbe144
- SHA1
  
  0a06eb7e96f90b0269e97e58355e63b5da312a7e
- SHA256
  
  7259b1adda698861a8251685887953d892dff2eb5b141d9051db03cbfcc2c76a
- SHA512
  
  bcefff73a91df94e290699dbf3ee4e5be8b9848d6f95dadfac263e0b1d2277bf9eb7aa5896a71aa0e5c3d11d46c4ef242e5b058dcfecdaff7052a9166a45f309
- SSDEEP
  
  192:q6sZ4jROJmZPaFGekYP0pEkQY1oyn7s08GIcHzrq0FnPEN2eby:qX4jRmsaQeDPvA1hs08oHzBFMN2p
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2