98a80feeb908523722549f44ab859b628c28e84ba0126f98b501e5d9f5b6fb42 | Triage

Sharing

General

Target

98a80feeb908523722549f44ab859b628c28e84ba0126f98b501e5d9f5b6fb42
Size

288KB
Sample

221129-nzgbsafc93
MD5

df4ed8f2643ccde6e0ea3168fc970352
SHA1

d19ca55618f10f30782e9ad3d02db508d9a22f54
SHA256

98a80feeb908523722549f44ab859b628c28e84ba0126f98b501e5d9f5b6fb42
SHA512

f09c7e1ab0c8069c09c4e4df8cc8a6e5e5202fdf8020b3de9ec6a573030fbbc0b7d122c9d5c38367f40b836eda07c9dfdce3e361c9b90fdd68429fc1c390f3a6
SSDEEP

3072:Muu/BivfD+eQmQRnnYiXt5zy73xqGbN3S3LlXvja7Rm07FSx4hPvMmgNR:juZOfyHYiCnNsl7a045hPv

Score

8^/10

Malware Config

Targets

- Target
  
  98a80feeb908523722549f44ab859b628c28e84ba0126f98b501e5d9f5b6fb42
- Size
  
  288KB
- MD5
  
  df4ed8f2643ccde6e0ea3168fc970352
- SHA1
  
  d19ca55618f10f30782e9ad3d02db508d9a22f54
- SHA256
  
  98a80feeb908523722549f44ab859b628c28e84ba0126f98b501e5d9f5b6fb42
- SHA512
  
  f09c7e1ab0c8069c09c4e4df8cc8a6e5e5202fdf8020b3de9ec6a573030fbbc0b7d122c9d5c38367f40b836eda07c9dfdce3e361c9b90fdd68429fc1c390f3a6
- SSDEEP
  
  3072:Muu/BivfD+eQmQRnnYiXt5zy73xqGbN3S3LlXvja7Rm07FSx4hPvMmgNR:juZOfyHYiCnNsl7a045hPv
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2