a951cd6c1ba85cfa31b957036e18b61528c2b9ac41b2872e51924d8dae5f6ef4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a951cd6c1ba85cfa31b957036e18b61528c2b9ac41b2872e51924d8dae5f6ef4
Size

100KB
Sample

221205-lm4kfafh53
MD5

d525e1f53571b2db4398c10f6214fe85
SHA1

f0b91d9872f690f98fd3aa3c5f04bc9615053717
SHA256

a951cd6c1ba85cfa31b957036e18b61528c2b9ac41b2872e51924d8dae5f6ef4
SHA512

10f42f9b4b3d890a9ce05bd25becfe6ad6fdf3b3b8f06b7615b925528b3bf6212a4ddce5541207974d6c1bb53ecb538594f11714858ed62907c216f4ef47d75b
SSDEEP

3072:BRvC98Azr0DtarFOdicCGetaEVdZxvUAv:nvWatUFOdtTU

Score

7^/10

Malware Config

Targets

- Target
  
  a951cd6c1ba85cfa31b957036e18b61528c2b9ac41b2872e51924d8dae5f6ef4
- Size
  
  100KB
- MD5
  
  d525e1f53571b2db4398c10f6214fe85
- SHA1
  
  f0b91d9872f690f98fd3aa3c5f04bc9615053717
- SHA256
  
  a951cd6c1ba85cfa31b957036e18b61528c2b9ac41b2872e51924d8dae5f6ef4
- SHA512
  
  10f42f9b4b3d890a9ce05bd25becfe6ad6fdf3b3b8f06b7615b925528b3bf6212a4ddce5541207974d6c1bb53ecb538594f11714858ed62907c216f4ef47d75b
- SSDEEP
  
  3072:BRvC98Azr0DtarFOdicCGetaEVdZxvUAv:nvWatUFOdtTU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2