aa663811ae1f82844bfc5312062f3360b6f1ff3a05b8b02d2f2dcc6388401d8d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa663811ae1f82844bfc5312062f3360b6f1ff3a05b8b02d2f2dcc6388401d8d
Size

198KB
Sample

221125-xngmvabe6t
MD5

7f53bc4e13eda740711e4034c3c80675
SHA1

e25d02c0233a553b8822ed7e8a5010b764fec8c1
SHA256

aa663811ae1f82844bfc5312062f3360b6f1ff3a05b8b02d2f2dcc6388401d8d
SHA512

3319981079dd30ccd87073914b35352753c93f6c5e600ec99547b5afb3c4aba2e200be758a4e7095467cdddddb4d02d2a55d5950be05448b5dae78663aa95b23
SSDEEP

3072:Kd178LL6mx8Y+NJ7rhNONxzNw+UUaVSvs1C8/ehoraNUXtMLWM:KdF8LL6Y+NYz2dUvs1C8/ehoraNUXSqM

Score

7^/10

Malware Config

Targets

- Target
  
  aa663811ae1f82844bfc5312062f3360b6f1ff3a05b8b02d2f2dcc6388401d8d
- Size
  
  198KB
- MD5
  
  7f53bc4e13eda740711e4034c3c80675
- SHA1
  
  e25d02c0233a553b8822ed7e8a5010b764fec8c1
- SHA256
  
  aa663811ae1f82844bfc5312062f3360b6f1ff3a05b8b02d2f2dcc6388401d8d
- SHA512
  
  3319981079dd30ccd87073914b35352753c93f6c5e600ec99547b5afb3c4aba2e200be758a4e7095467cdddddb4d02d2a55d5950be05448b5dae78663aa95b23
- SSDEEP
  
  3072:Kd178LL6mx8Y+NJ7rhNONxzNw+UUaVSvs1C8/ehoraNUXtMLWM:KdF8LL6Y+NYz2dUvs1C8/ehoraNUXSqM
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2