850cffb326094806664edffefbf212902b327596fd3118d55344e2162a9bdde4 | Triage

Sharing

General

Target

850cffb326094806664edffefbf212902b327596fd3118d55344e2162a9bdde4
Size

5KB
Sample

240522-3w3syadh82
MD5

6b24634f1575fff4d4100e3413d6db5a
SHA1

40b124a79ed7f8c9c560b9ae36eb16f6d7584b69
SHA256

850cffb326094806664edffefbf212902b327596fd3118d55344e2162a9bdde4
SHA512

6b2e1c8601bda1d4d544bff04f898ac87d8f63c12c6e420a37bb95f58fea47b1362e3b16a062913a783a94c32701f6508a8043a1abeec6eb3993ad4b5cce1d7c
SSDEEP

48:6hef2FDL0CTctgGWvLHmCyY/ZJi8d/1/UzEVnQBG/RACalGUV2CS7DD:QXR9YtevLGa/3ldd/wAnQWRRUV2CqD

Score

7^/10

Malware Config

Targets

- Target
  
  850cffb326094806664edffefbf212902b327596fd3118d55344e2162a9bdde4
- Size
  
  5KB
- MD5
  
  6b24634f1575fff4d4100e3413d6db5a
- SHA1
  
  40b124a79ed7f8c9c560b9ae36eb16f6d7584b69
- SHA256
  
  850cffb326094806664edffefbf212902b327596fd3118d55344e2162a9bdde4
- SHA512
  
  6b2e1c8601bda1d4d544bff04f898ac87d8f63c12c6e420a37bb95f58fea47b1362e3b16a062913a783a94c32701f6508a8043a1abeec6eb3993ad4b5cce1d7c
- SSDEEP
  
  48:6hef2FDL0CTctgGWvLHmCyY/ZJi8d/1/UzEVnQBG/RACalGUV2CS7DD:QXR9YtevLGa/3ldd/wAnQWRRUV2CqD
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2