e80d9757f4811997f91bbeba679aeb73f5c5f7f0f2d3f28edd6de17d8f17028f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e80d9757f4811997f91bbeba679aeb73f5c5f7f0f2d3f28edd6de17d8f17028f
Size

37KB
Sample

221204-n74r2sbf7z
MD5

3749bb940eb2c519ff0555c94a55a480
SHA1

7f0864d2e07cdf1ab503fe8e8751b34fb397503b
SHA256

e80d9757f4811997f91bbeba679aeb73f5c5f7f0f2d3f28edd6de17d8f17028f
SHA512

81c87ae33626719cf0d91b21cb33e9ef47e2604a4ae551e890597e8bf66b5fee422dc170367a6b4b7efbff567e414c75118e4c5116c071e36caf4a9f707b3e20
SSDEEP

768:IsErzZH22u7fbNIGq5mnSoFhGE+UNrzSk+V+OWtQd28r:IDH2h7fb2R6SEXrysRtQg8r

Score

8^/10

Malware Config

Targets

- Target
  
  e80d9757f4811997f91bbeba679aeb73f5c5f7f0f2d3f28edd6de17d8f17028f
- Size
  
  37KB
- MD5
  
  3749bb940eb2c519ff0555c94a55a480
- SHA1
  
  7f0864d2e07cdf1ab503fe8e8751b34fb397503b
- SHA256
  
  e80d9757f4811997f91bbeba679aeb73f5c5f7f0f2d3f28edd6de17d8f17028f
- SHA512
  
  81c87ae33626719cf0d91b21cb33e9ef47e2604a4ae551e890597e8bf66b5fee422dc170367a6b4b7efbff567e414c75118e4c5116c071e36caf4a9f707b3e20
- SSDEEP
  
  768:IsErzZH22u7fbNIGq5mnSoFhGE+UNrzSk+V+OWtQd28r:IDH2h7fb2R6SEXrysRtQg8r
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2