774befad497a7ffe7f6232d82047799497a5d64010e1b77fa02c1574cbf2cd29 | Triage

Sharing

General

Target

559f2b567b51ccad44017313248a9aaf
Size

24KB
Sample

231226-fgnddagbdm
MD5

559f2b567b51ccad44017313248a9aaf
SHA1

c9b88d7d4980f2f769dd278a34307d002a5ef9d5
SHA256

774befad497a7ffe7f6232d82047799497a5d64010e1b77fa02c1574cbf2cd29
SHA512

4a96c8a168561c5d3abbe950bfabc019c8502a74204de4940d776bd1d7c49c3e5b66f231f8c7b66889c81b83525573d715476df52b87f61df3fe78a162e13ba3
SSDEEP

384:mAKt884GOufLsR5rVJz+WZnBuCwo+9+fuHOvAevEeDkc1ZGRwQ6uaFO:Oev0LsRlP+kBYPs9IgEvcrG16HF

Score

7^/10

Malware Config

Targets

- Target
  
  559f2b567b51ccad44017313248a9aaf
- Size
  
  24KB
- MD5
  
  559f2b567b51ccad44017313248a9aaf
- SHA1
  
  c9b88d7d4980f2f769dd278a34307d002a5ef9d5
- SHA256
  
  774befad497a7ffe7f6232d82047799497a5d64010e1b77fa02c1574cbf2cd29
- SHA512
  
  4a96c8a168561c5d3abbe950bfabc019c8502a74204de4940d776bd1d7c49c3e5b66f231f8c7b66889c81b83525573d715476df52b87f61df3fe78a162e13ba3
- SSDEEP
  
  384:mAKt884GOufLsR5rVJz+WZnBuCwo+9+fuHOvAevEeDkc1ZGRwQ6uaFO:Oev0LsRlP+kBYPs9IgEvcrG16HF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2