90675365368cc7f1b6dbeb7df056371a659fda9ec9be6edcb6e680602801b648 | Triage

Sharing

General

Target

90675365368cc7f1b6dbeb7df056371a659fda9ec9be6edcb6e680602801b648
Size

188KB
Sample

221204-mw82ysbg57
MD5

e540f45a4d77a334adc938efea99c398
SHA1

d752356a4a1f9877de45ca797dee5dec3c99d562
SHA256

90675365368cc7f1b6dbeb7df056371a659fda9ec9be6edcb6e680602801b648
SHA512

b8d8dc4bb4a06dd8166ded56c7125dc1f730a0e61d041ab3e155ad4db945825bfa5eaf39dd8515c2db70dada43f3e6923f01754a80f2f174ae9b242638762725
SSDEEP

3072:nl1i/NU8bOMYcYYcmy5PTM5YmMOMYcYY51i/NU8TffsN0n/A76r7Gki0Hv5sioUT:Xi/NjO5zX3Oai/NZG66CYE

Score

8^/10

Malware Config

Targets

- Target
  
  90675365368cc7f1b6dbeb7df056371a659fda9ec9be6edcb6e680602801b648
- Size
  
  188KB
- MD5
  
  e540f45a4d77a334adc938efea99c398
- SHA1
  
  d752356a4a1f9877de45ca797dee5dec3c99d562
- SHA256
  
  90675365368cc7f1b6dbeb7df056371a659fda9ec9be6edcb6e680602801b648
- SHA512
  
  b8d8dc4bb4a06dd8166ded56c7125dc1f730a0e61d041ab3e155ad4db945825bfa5eaf39dd8515c2db70dada43f3e6923f01754a80f2f174ae9b242638762725
- SSDEEP
  
  3072:nl1i/NU8bOMYcYYcmy5PTM5YmMOMYcYY51i/NU8TffsN0n/A76r7Gki0Hv5sioUT:Xi/NjO5zX3Oai/NZG66CYE
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2