41417fcf6a8f8bf13ea6407eaa9dc1b0a485343a0e5684a33550c8381e9253b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41417fcf6a8f8bf13ea6407eaa9dc1b0a485343a0e5684a33550c8381e9253b3
Size

121KB
Sample

221203-a4scysae93
MD5

139df1267db6ee36fe5826274a486040
SHA1

df406c15b4339ddbb1c4f044748a744e3a1f8a26
SHA256

41417fcf6a8f8bf13ea6407eaa9dc1b0a485343a0e5684a33550c8381e9253b3
SHA512

00df21e5c3651de579538ceb8ce0c339b9f6154063b6c7edbec8f58a7b4d321e2945457bf86d832166be7a36f8d95ff99b1fb48eddac0d8e1a55362f37c3d43c
SSDEEP

1536:iUK3ATn6Q1w6ZnBbWxu5hb86HTU879i0PORJrqpzuQfhH+:SwTJPl9Wxuw6HTqR4ph

Score

7^/10

Malware Config

Targets

- Target
  
  41417fcf6a8f8bf13ea6407eaa9dc1b0a485343a0e5684a33550c8381e9253b3
- Size
  
  121KB
- MD5
  
  139df1267db6ee36fe5826274a486040
- SHA1
  
  df406c15b4339ddbb1c4f044748a744e3a1f8a26
- SHA256
  
  41417fcf6a8f8bf13ea6407eaa9dc1b0a485343a0e5684a33550c8381e9253b3
- SHA512
  
  00df21e5c3651de579538ceb8ce0c339b9f6154063b6c7edbec8f58a7b4d321e2945457bf86d832166be7a36f8d95ff99b1fb48eddac0d8e1a55362f37c3d43c
- SSDEEP
  
  1536:iUK3ATn6Q1w6ZnBbWxu5hb86HTU879i0PORJrqpzuQfhH+:SwTJPl9Wxuw6HTqR4ph
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2