89dd38b1b68789e3bdd0b307d016449f4ea68eb00b9987996df2d32446905d8a | Triage

Sharing

General

Target

89dd38b1b68789e3bdd0b307d016449f4ea68eb00b9987996df2d32446905d8a
Size

1.2MB
Sample

221205-p9fzfacb44
MD5

7c61cfdeababfab42aa34a6a62a38f7a
SHA1

717ed10f9d643b14950cc66b1c4abed1a0b67038
SHA256

89dd38b1b68789e3bdd0b307d016449f4ea68eb00b9987996df2d32446905d8a
SHA512

6c01f7316a721b065dd2d5637e5a75919a0a3d69bf2eb5aed0369ea42b883e1a18767da11d097808fedf9fb8434d2d1d0349b6adb09995fed9641fa7ba5c4630
SSDEEP

24576:qvs4Nb+6ub8BaKzBJSQxHuMJuI5uLr9j3GIH1qMQQyZ:qvpDLSgj5uLH8QyZ

Score

8^/10

Malware Config

Targets

- Target
  
  89dd38b1b68789e3bdd0b307d016449f4ea68eb00b9987996df2d32446905d8a
- Size
  
  1.2MB
- MD5
  
  7c61cfdeababfab42aa34a6a62a38f7a
- SHA1
  
  717ed10f9d643b14950cc66b1c4abed1a0b67038
- SHA256
  
  89dd38b1b68789e3bdd0b307d016449f4ea68eb00b9987996df2d32446905d8a
- SHA512
  
  6c01f7316a721b065dd2d5637e5a75919a0a3d69bf2eb5aed0369ea42b883e1a18767da11d097808fedf9fb8434d2d1d0349b6adb09995fed9641fa7ba5c4630
- SSDEEP
  
  24576:qvs4Nb+6ub8BaKzBJSQxHuMJuI5uLr9j3GIH1qMQQyZ:qvpDLSgj5uLH8QyZ
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2