e94c812906232ee5b1d996531ccf90860657b65696f05b75d2bcf2afbdcf3638 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92d6ba75f17f81acd6f2523ac4f41a3e.exe
Size

68KB
Sample

240108-ytaxxshch2
MD5

92d6ba75f17f81acd6f2523ac4f41a3e
SHA1

4d2ad67c2a087a25ab4824a0a53be6fb8796a582
SHA256

e94c812906232ee5b1d996531ccf90860657b65696f05b75d2bcf2afbdcf3638
SHA512

c146d3c658ed19532f87b1b066a94d019267d4d636807718ae6b533da1a57dda12d1e40024da313184ce47ae88b20e47bc97b4c6dcb65c507b87450b8aee529f
SSDEEP

768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXXE000V:Tr3Z5IfQmv81ar1yXtZn

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  92d6ba75f17f81acd6f2523ac4f41a3e.exe
- Size
  
  68KB
- MD5
  
  92d6ba75f17f81acd6f2523ac4f41a3e
- SHA1
  
  4d2ad67c2a087a25ab4824a0a53be6fb8796a582
- SHA256
  
  e94c812906232ee5b1d996531ccf90860657b65696f05b75d2bcf2afbdcf3638
- SHA512
  
  c146d3c658ed19532f87b1b066a94d019267d4d636807718ae6b533da1a57dda12d1e40024da313184ce47ae88b20e47bc97b4c6dcb65c507b87450b8aee529f
- SSDEEP
  
  768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXXE000V:Tr3Z5IfQmv81ar1yXtZn
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2