General

  • Target

    be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f

  • Size

    102KB

  • Sample

    221201-w6qg2abg8y

  • MD5

    b9c7ff14fb297f70fbda656a683b5dff

  • SHA1

    27704707d62f0a724172af81b62a6f86e100864e

  • SHA256

    be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f

  • SHA512

    33c81959b0c128c6752008dd6dcf4b519bbd5ec2a95ab4dd9c74c563d49019106af23159d9f4779eae58c37fc868419e093fa28d22ec76c774fb9bc555adc4cb

  • SSDEEP

    1536:9y/OQ+2BHdzvGlQ1n2GR7klU9ByNLOP2HmZXwVl0wHCJK9f:9qH+2LDzn2S7kIByNiYmZXwBiu

Score
8/10

Malware Config

Targets

    • Target

      be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f

    • Size

      102KB

    • MD5

      b9c7ff14fb297f70fbda656a683b5dff

    • SHA1

      27704707d62f0a724172af81b62a6f86e100864e

    • SHA256

      be205835208cc31957b8fe226f7bef7a9852d680512bac25538ea15769541f3f

    • SHA512

      33c81959b0c128c6752008dd6dcf4b519bbd5ec2a95ab4dd9c74c563d49019106af23159d9f4779eae58c37fc868419e093fa28d22ec76c774fb9bc555adc4cb

    • SSDEEP

      1536:9y/OQ+2BHdzvGlQ1n2GR7klU9ByNLOP2HmZXwVl0wHCJK9f:9qH+2LDzn2S7kIByNiYmZXwBiu

    Score
    8/10
    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Modifies file permissions

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks