f1800991fd2e860615f76c53923f9522e78a2202e264bc03663072a5b0df20a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1800991fd2e860615f76c53923f9522e78a2202e264bc03663072a5b0df20a0
Size

791KB
Sample

221203-j6gtnsbe9t
MD5

a70c2a28a2b8e27ae7456b4ab42f0c0b
SHA1

77e47626b65aba9b82320ef4474adb2429e8b0f5
SHA256

f1800991fd2e860615f76c53923f9522e78a2202e264bc03663072a5b0df20a0
SHA512

a0ccba773509379ad474bbe490466f650e12a8c1a74ced0c86daae92b2fd98e367c474de01ffb2bf7150b7f78e25e1e0f77b61b1f9f31e083ee62dc11d4edd47
SSDEEP

12288:3co398Nb9ZsbxCIRnwuRtVH7jUkcaqkOzWKiKx1DLSpq:3cm7jw+tVHvTMzWKbnDgq

Score

8^/10

Malware Config

Targets

- Target
  
  f1800991fd2e860615f76c53923f9522e78a2202e264bc03663072a5b0df20a0
- Size
  
  791KB
- MD5
  
  a70c2a28a2b8e27ae7456b4ab42f0c0b
- SHA1
  
  77e47626b65aba9b82320ef4474adb2429e8b0f5
- SHA256
  
  f1800991fd2e860615f76c53923f9522e78a2202e264bc03663072a5b0df20a0
- SHA512
  
  a0ccba773509379ad474bbe490466f650e12a8c1a74ced0c86daae92b2fd98e367c474de01ffb2bf7150b7f78e25e1e0f77b61b1f9f31e083ee62dc11d4edd47
- SSDEEP
  
  12288:3co398Nb9ZsbxCIRnwuRtVH7jUkcaqkOzWKiKx1DLSpq:3cm7jw+tVHvTMzWKbnDgq
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2