4c93817b83feae8a47e2174db299dcc968ecbb6f7b2a3c4e6aecee56d645ea04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39ce0d1e358e215b5c0380627ec7c5c4
Size

490KB
Sample

231225-yqs94agdb9
MD5

39ce0d1e358e215b5c0380627ec7c5c4
SHA1

30a2521e36bd28ca3f031ba44f7246a8032e5ab3
SHA256

4c93817b83feae8a47e2174db299dcc968ecbb6f7b2a3c4e6aecee56d645ea04
SHA512

a8e8cd8820eb3c6bd8fd83d087f24c0475d3cfe28e93a503164b4b8f2fe9c3987462a5fe3a3ae234c02139660b188d19513392e954db4ab0fd25c7e1bb33deef
SSDEEP

3072:1828inqN7CMBrm+sCMpFdp/8VetHA2zx5:182xqB8+pkGYA2zx5

Score

7^/10

Malware Config

Targets

- Target
  
  39ce0d1e358e215b5c0380627ec7c5c4
- Size
  
  490KB
- MD5
  
  39ce0d1e358e215b5c0380627ec7c5c4
- SHA1
  
  30a2521e36bd28ca3f031ba44f7246a8032e5ab3
- SHA256
  
  4c93817b83feae8a47e2174db299dcc968ecbb6f7b2a3c4e6aecee56d645ea04
- SHA512
  
  a8e8cd8820eb3c6bd8fd83d087f24c0475d3cfe28e93a503164b4b8f2fe9c3987462a5fe3a3ae234c02139660b188d19513392e954db4ab0fd25c7e1bb33deef
- SSDEEP
  
  3072:1828inqN7CMBrm+sCMpFdp/8VetHA2zx5:182xqB8+pkGYA2zx5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2