fd3ba352ac22390a2ae970effbe7f17c2586d04b8a3271dbc390fc9f2a720510 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd3ba352ac22390a2ae970effbe7f17c2586d04b8a3271dbc390fc9f2a720510
Size

750KB
Sample

221202-3w3syafe97
MD5

185df69f0fe518682f710ef6f2ee9960
SHA1

765ecfcd8a80f931ff20a6f5da58eba7342c2646
SHA256

fd3ba352ac22390a2ae970effbe7f17c2586d04b8a3271dbc390fc9f2a720510
SHA512

2f8309764e58e2e1efb5420b4f8d5c742e13e246fce6c79ef756efeb18d758450d3cbe6cb7b1788e826c4ff3ef0fc4f4c393211d28308737c812fbe1d8b505b9
SSDEEP

12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y

Score

8^/10

Malware Config

Targets

- Target
  
  fd3ba352ac22390a2ae970effbe7f17c2586d04b8a3271dbc390fc9f2a720510
- Size
  
  750KB
- MD5
  
  185df69f0fe518682f710ef6f2ee9960
- SHA1
  
  765ecfcd8a80f931ff20a6f5da58eba7342c2646
- SHA256
  
  fd3ba352ac22390a2ae970effbe7f17c2586d04b8a3271dbc390fc9f2a720510
- SHA512
  
  2f8309764e58e2e1efb5420b4f8d5c742e13e246fce6c79ef756efeb18d758450d3cbe6cb7b1788e826c4ff3ef0fc4f4c393211d28308737c812fbe1d8b505b9
- SSDEEP
  
  12288:VHjcoe9PH96vB/fAuBcm9TyOE/xG3muGx44MG4Yx:VDgINfAuBcgcZG2uG24MG4Y
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2