a798d0dc055b5b5c54cbcf4adda34698cf6540e35d5d97f61b681a1d63d3426b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29b75db921a037d6afa251f1fbc83960
Size

170KB
Sample

231225-s1j7aaagb5
MD5

29b75db921a037d6afa251f1fbc83960
SHA1

790c25c7087a66bd5847a34acc4e82684f51c3ea
SHA256

a798d0dc055b5b5c54cbcf4adda34698cf6540e35d5d97f61b681a1d63d3426b
SHA512

6ec4b97ad5f91b66906602ac86490a72172f32dd1d047aa7fa17f2e85310f2a5e6f2e48aa0a081769bddb4f2ed77c17b005b6223578c6e3e722bd27af055855b
SSDEEP

3072:jYaQl6v+WXfIOrbcSIFJ5/hZeOOdUJqANgesO0bq:jYaQIWWvIOryFJfZeOOduNdsO3

Score

7^/10

Malware Config

Targets

- Target
  
  29b75db921a037d6afa251f1fbc83960
- Size
  
  170KB
- MD5
  
  29b75db921a037d6afa251f1fbc83960
- SHA1
  
  790c25c7087a66bd5847a34acc4e82684f51c3ea
- SHA256
  
  a798d0dc055b5b5c54cbcf4adda34698cf6540e35d5d97f61b681a1d63d3426b
- SHA512
  
  6ec4b97ad5f91b66906602ac86490a72172f32dd1d047aa7fa17f2e85310f2a5e6f2e48aa0a081769bddb4f2ed77c17b005b6223578c6e3e722bd27af055855b
- SSDEEP
  
  3072:jYaQl6v+WXfIOrbcSIFJ5/hZeOOdUJqANgesO0bq:jYaQIWWvIOryFJfZeOOduNdsO3
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2