deee416836a91db411eea1efc255c49021f7744f26ef58b68bf4238369ad7600 | Triage

Sharing

General

Target

deee416836a91db411eea1efc255c49021f7744f26ef58b68bf4238369ad7600
Size

11KB
Sample

221206-2nhmcsdh4s
MD5

e2c457eedc61e399d4ed5ca9f87b21b3
SHA1

d4142674a73809cf133ac94a03302a47a98e8ea2
SHA256

deee416836a91db411eea1efc255c49021f7744f26ef58b68bf4238369ad7600
SHA512

a8683123aa5c89092cecd74ea0353849eb587164152982804903d819c34aa42ebcc1698ee818ed60337a837d0578de4a19e4545ef1c6c1a4c8c6aa13b926c5a3
SSDEEP

192:BrMK4TA90YN2aqXzQ1bC9WP5BIRJMVxKW6CCE0jumCap:BrXyYN6XzQ5jBHKyKCY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  deee416836a91db411eea1efc255c49021f7744f26ef58b68bf4238369ad7600
- Size
  
  11KB
- MD5
  
  e2c457eedc61e399d4ed5ca9f87b21b3
- SHA1
  
  d4142674a73809cf133ac94a03302a47a98e8ea2
- SHA256
  
  deee416836a91db411eea1efc255c49021f7744f26ef58b68bf4238369ad7600
- SHA512
  
  a8683123aa5c89092cecd74ea0353849eb587164152982804903d819c34aa42ebcc1698ee818ed60337a837d0578de4a19e4545ef1c6c1a4c8c6aa13b926c5a3
- SSDEEP
  
  192:BrMK4TA90YN2aqXzQ1bC9WP5BIRJMVxKW6CCE0jumCap:BrXyYN6XzQ5jBHKyKCY
Score

8^/10

persistence
- Drops file in Drivers directory
- Sets DLL path for service in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2