c375e04aa8ec047a0ddbca2b0ab87735a1773bf0d7e003fb988b0cb768cb6697 | Triage

Sharing

General

Target

c375e04aa8ec047a0ddbca2b0ab87735a1773bf0d7e003fb988b0cb768cb6697
Size

540KB
Sample

221201-rpfjaafg99
MD5

57b134ea941919438df334df781d351b
SHA1

60653c24afeda77623aa6fc3ec2c4c6704edbd52
SHA256

c375e04aa8ec047a0ddbca2b0ab87735a1773bf0d7e003fb988b0cb768cb6697
SHA512

a5e095b2c6bcc7b546f8d4687b9bf69809b48a70629e2f6db7245fd0527786d91b310558afb599dcc9b2dde7a1bf76ed0ec9c7664430f359799e9c5f5f61cb34
SSDEEP

12288:2Uw2keucMXSXvyKmv0FCd15DLAEpF74eDJY1OhEP7GrqT9LG48ON:JzGX2aKmM2YAFMeDS1OhETGgLG48ON

Score

8^/10

Malware Config

Targets

- Target
  
  Setup.exe
- Size
  
  916KB
- MD5
  
  fc6b2fd7d6de1ada94e6363efc129a02
- SHA1
  
  3dd9613b9d5fbcb23f816ab0a141d6b90a53040a
- SHA256
  
  443a6f0d2163fb7a298d06a2bfaf56a06c2d86a2b5aa8598af908eeb1e74e449
- SHA512
  
  74f9748f8a7369f6b3306b2e42c11b1eb8741918c825d6d3b4a3981a593435886a23dd4acac314033e36450e08f61c64f58efa691c214a337263760bd2ccd316
- SSDEEP
  
  24576:hyqSGF69OZbNp8ar4i4vaiCSbfmY/FzeoS1OwETpbLz48H:AqSC694b8xiKaiCEfmY/FzeoS1O7TFp
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  your_exe.exe
- Size
  
  17KB
- MD5
  
  18a8409351c2ea3389125193a511d2d2
- SHA1
  
  beb6ff40f446c700b0c90934e64426d8cfdcf8a8
- SHA256
  
  72dec65b99de35a2a5386cf01c1472146d055b630851fa6413b8e408018031a6
- SHA512
  
  b6be1a46d25299e0acc42a580ae1b1fe07c3e38f55b86c82aa5a3adcd3101be8a1046ede431ecc54b0d7e6b2af7acb3860ce4fca8c9647c041b32a38ad1350ba
- SSDEEP
  
  384:I7+wHb66EVtEl+TNTOU+IYq8lB+AWz9W+koV:I75665+TBD+IYqyBpG
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4