8b8851878c1d9a6c5cf55348384e5dcb2fa441566be0e1a65f0cce43d84dedfa | Triage

Sharing

General

Target

8b8851878c1d9a6c5cf55348384e5dcb2fa441566be0e1a65f0cce43d84dedfa
Size

360KB
Sample

221206-shjg2ahc43
MD5

732cdf0b27a32489411c9362859f7632
SHA1

2e72e9cd2782328ab35315c0875ff44947f53652
SHA256

8b8851878c1d9a6c5cf55348384e5dcb2fa441566be0e1a65f0cce43d84dedfa
SHA512

428accb2ad6b1c73b60d26dadbf6c399b5a2744eab1e45cebfd2d392a2d718449a25ca012a83ecc7c0f350819a7a42649b2b0e27ff55edc167d9ed85ec06a86d
SSDEEP

6144:Kl8ibNjFefg+sDYwXNlckN7CgJzOGsqB6cd1:4bjFTtGqCgJKfe1

Score

8^/10

Malware Config

Targets

- Target
  
  8b8851878c1d9a6c5cf55348384e5dcb2fa441566be0e1a65f0cce43d84dedfa
- Size
  
  360KB
- MD5
  
  732cdf0b27a32489411c9362859f7632
- SHA1
  
  2e72e9cd2782328ab35315c0875ff44947f53652
- SHA256
  
  8b8851878c1d9a6c5cf55348384e5dcb2fa441566be0e1a65f0cce43d84dedfa
- SHA512
  
  428accb2ad6b1c73b60d26dadbf6c399b5a2744eab1e45cebfd2d392a2d718449a25ca012a83ecc7c0f350819a7a42649b2b0e27ff55edc167d9ed85ec06a86d
- SSDEEP
  
  6144:Kl8ibNjFefg+sDYwXNlckN7CgJzOGsqB6cd1:4bjFTtGqCgJKfe1
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2