651a54f98d29ae37fa7a54f00e1bad8e594f10440b9eed83fa43f721eef00ef7 | Triage

Sharing

General

Target

651a54f98d29ae37fa7a54f00e1bad8e594f10440b9eed83fa43f721eef00ef7
Size

139KB
Sample

231226-fegstahbb3
MD5

4ac4799b5115f18392be7d7f414f2aec
SHA1

6357299063b180963b3500c86c7c1d7ea8598d86
SHA256

651a54f98d29ae37fa7a54f00e1bad8e594f10440b9eed83fa43f721eef00ef7
SHA512

877d6c5781e2cd7c987dbc34de822c71ce3080c83e243c11e8aa22c53bee0a4f1703782a232842604e203b311a162841a9d0ded8eab950d5316bccc62f79ae29
SSDEEP

3072:pjWOPKyTW2LsvXLZLd8s57Ttex5voVLb2:pivb8ckzOLS

Score

7^/10

Malware Config

Targets

- Target
  
  651a54f98d29ae37fa7a54f00e1bad8e594f10440b9eed83fa43f721eef00ef7
- Size
  
  139KB
- MD5
  
  4ac4799b5115f18392be7d7f414f2aec
- SHA1
  
  6357299063b180963b3500c86c7c1d7ea8598d86
- SHA256
  
  651a54f98d29ae37fa7a54f00e1bad8e594f10440b9eed83fa43f721eef00ef7
- SHA512
  
  877d6c5781e2cd7c987dbc34de822c71ce3080c83e243c11e8aa22c53bee0a4f1703782a232842604e203b311a162841a9d0ded8eab950d5316bccc62f79ae29
- SSDEEP
  
  3072:pjWOPKyTW2LsvXLZLd8s57Ttex5voVLb2:pivb8ckzOLS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2