9f202ca874a6f0910c10bee1ff343a3e647dd8bba428573cf117c61eabdb9f4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7a8bde795c707592e269db9b2bbba2f4
Size

257KB
Sample

231226-tb5mcshaa4
MD5

7a8bde795c707592e269db9b2bbba2f4
SHA1

0a0fea43a8714e528db5c8b3c330fa63511a595b
SHA256

9f202ca874a6f0910c10bee1ff343a3e647dd8bba428573cf117c61eabdb9f4f
SHA512

8b3eef64e1d20c16edf983bbf41578883b665df710721baccbfe8214879298caa80e749993284a5f56bdd13d90bb99802868e0495d095b0fc594b4c84db1db7d
SSDEEP

3072:ZYUb5QoJ4g+Ri+Zj6Iz1ZdW4SrO7FSVp1E:ZY7xh6SZI4z7FSVpK

Score

7^/10

Malware Config

Targets

- Target
  
  7a8bde795c707592e269db9b2bbba2f4
- Size
  
  257KB
- MD5
  
  7a8bde795c707592e269db9b2bbba2f4
- SHA1
  
  0a0fea43a8714e528db5c8b3c330fa63511a595b
- SHA256
  
  9f202ca874a6f0910c10bee1ff343a3e647dd8bba428573cf117c61eabdb9f4f
- SHA512
  
  8b3eef64e1d20c16edf983bbf41578883b665df710721baccbfe8214879298caa80e749993284a5f56bdd13d90bb99802868e0495d095b0fc594b4c84db1db7d
- SSDEEP
  
  3072:ZYUb5QoJ4g+Ri+Zj6Iz1ZdW4SrO7FSVp1E:ZY7xh6SZI4z7FSVpK
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2