72f0fa8c053fab90a43ed18ff5bb962de6d31f13b7dc7fb078afb0ba1ded4722 | Triage

Sharing

General

Target

72f0fa8c053fab90a43ed18ff5bb962de6d31f13b7dc7fb078afb0ba1ded4722
Size

19KB
Sample

221125-pskajabh8z
MD5

2580ddd3beb3924654a9f9aec9e195a0
SHA1

29e21919ef0b77d2071eadd75ee6ad80e596cf61
SHA256

72f0fa8c053fab90a43ed18ff5bb962de6d31f13b7dc7fb078afb0ba1ded4722
SHA512

f388a96ca43dc3627a2400a5725308afe18aa581ba889bb9f6624a90a65978807accf5d136bf4734ae724b167dc18a6dc00df4bb4c7d9e174fd0cb9efa25d8ed
SSDEEP

192:n3GXehQZMKauy7RoZotti+dQf6Tyu1oynlEwbJZ/kq0Fn2EN2eby:n3ThQCI0RoEFTL1ftbGFHN2p

Score

8^/10

Malware Config

Targets

- Target
  
  72f0fa8c053fab90a43ed18ff5bb962de6d31f13b7dc7fb078afb0ba1ded4722
- Size
  
  19KB
- MD5
  
  2580ddd3beb3924654a9f9aec9e195a0
- SHA1
  
  29e21919ef0b77d2071eadd75ee6ad80e596cf61
- SHA256
  
  72f0fa8c053fab90a43ed18ff5bb962de6d31f13b7dc7fb078afb0ba1ded4722
- SHA512
  
  f388a96ca43dc3627a2400a5725308afe18aa581ba889bb9f6624a90a65978807accf5d136bf4734ae724b167dc18a6dc00df4bb4c7d9e174fd0cb9efa25d8ed
- SSDEEP
  
  192:n3GXehQZMKauy7RoZotti+dQf6Tyu1oynlEwbJZ/kq0Fn2EN2eby:n3ThQCI0RoEFTL1ftbGFHN2p
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2