77e68c7772e13d477d48d48f7f96ac03661114b471a1ce51c2c49a6f654311e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77e68c7772e13d477d48d48f7f96ac03661114b471a1ce51c2c49a6f654311e5
Size

41KB
Sample

221128-fnkk3agc44
MD5

0af339b1893d9dd5aa4987c1ec3242f3
SHA1

0f15d63675d6319eb94409c60edff1bfe00071c8
SHA256

77e68c7772e13d477d48d48f7f96ac03661114b471a1ce51c2c49a6f654311e5
SHA512

bb0a4ab034326c1a911ec39a3912918988b10a31564c9d47b371540cd57b28b4f7ebe53efe1d1718cf4f045a42b5ff2b29f6c97a34f4a7c608c2d7e641921718
SSDEEP

768:0Hnd52O181i0x2MRZH1/SlXRSR4KZ4V8eJ8ZvIVFA0zJzXa9r8bm0:0HndEOkiQ2Mz1vqbCeJIIAOhX6r8bm0

Score

8^/10

Malware Config

Targets

- Target
  
  77e68c7772e13d477d48d48f7f96ac03661114b471a1ce51c2c49a6f654311e5
- Size
  
  41KB
- MD5
  
  0af339b1893d9dd5aa4987c1ec3242f3
- SHA1
  
  0f15d63675d6319eb94409c60edff1bfe00071c8
- SHA256
  
  77e68c7772e13d477d48d48f7f96ac03661114b471a1ce51c2c49a6f654311e5
- SHA512
  
  bb0a4ab034326c1a911ec39a3912918988b10a31564c9d47b371540cd57b28b4f7ebe53efe1d1718cf4f045a42b5ff2b29f6c97a34f4a7c608c2d7e641921718
- SSDEEP
  
  768:0Hnd52O181i0x2MRZH1/SlXRSR4KZ4V8eJ8ZvIVFA0zJzXa9r8bm0:0HndEOkiQ2Mz1vqbCeJIIAOhX6r8bm0
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2