97aea8d0d6bd1c012d3bd803b7d243115c8a1093ccfbeaf3392791bf92d7a5f2 | Triage

Sharing

General

Target

97aea8d0d6bd1c012d3bd803b7d243115c8a1093ccfbeaf3392791bf92d7a5f2
Size

1.1MB
Sample

230902-j8zghabg84
MD5

a8c4aa0539c228cdac2e11c8714d0082
SHA1

7dcb0b0567324dbfb79076c2d8cb4a69b046b329
SHA256

97aea8d0d6bd1c012d3bd803b7d243115c8a1093ccfbeaf3392791bf92d7a5f2
SHA512

896fe3d214ac521bc169bc1ae03065729b26fdc394549e6c18c02671ccf5a15447eff0d0eae08e389bbcd2493b89d7b8eb3a545eb716cb00623ec0c5ab3fd7bd
SSDEEP

24576:gRW3N/0f/oAPoRBchI5anfOlAUAi1K6oElG4lBujFAvCyRP:g5ApamAUAQ/lG4lBmFAvZP

Score

7^/10

Malware Config

Targets

- Target
  
  97aea8d0d6bd1c012d3bd803b7d243115c8a1093ccfbeaf3392791bf92d7a5f2
- Size
  
  1.1MB
- MD5
  
  a8c4aa0539c228cdac2e11c8714d0082
- SHA1
  
  7dcb0b0567324dbfb79076c2d8cb4a69b046b329
- SHA256
  
  97aea8d0d6bd1c012d3bd803b7d243115c8a1093ccfbeaf3392791bf92d7a5f2
- SHA512
  
  896fe3d214ac521bc169bc1ae03065729b26fdc394549e6c18c02671ccf5a15447eff0d0eae08e389bbcd2493b89d7b8eb3a545eb716cb00623ec0c5ab3fd7bd
- SSDEEP
  
  24576:gRW3N/0f/oAPoRBchI5anfOlAUAi1K6oElG4lBujFAvCyRP:g5ApamAUAQ/lG4lBmFAvZP
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2