a9b5f922042406e16958e8e4cc7fd2ba6e379e8d9ac7820e0cd05f6c01cb8d46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9b5f922042406e16958e8e4cc7fd2ba6e379e8d9ac7820e0cd05f6c01cb8d46
Size

6.3MB
Sample

240607-klp5zsde7w
MD5

8f0aacbabb588a50b46b7d29ea9e51be
SHA1

bf3d6459400c150126c194f677928c222184e4ac
SHA256

a9b5f922042406e16958e8e4cc7fd2ba6e379e8d9ac7820e0cd05f6c01cb8d46
SHA512

7138818db291b61da6f9a4ac9fce154f89cb0057783541c60a92015f1e532657302ea1ec38873edea3accba060f099749846e643a0c6e898c077f47bcc48e37b
SSDEEP

98304:tQz23M+mf7sMby8K5tmLcvJqiZLhUTRm1r+nretjUTvs0eZyndr+ZmrImp+tQ2:4/by8etNR5hUTQ1ynytjUVdr+wi1

Score

7^/10

Malware Config

Targets

- Target
  
  a9b5f922042406e16958e8e4cc7fd2ba6e379e8d9ac7820e0cd05f6c01cb8d46
- Size
  
  6.3MB
- MD5
  
  8f0aacbabb588a50b46b7d29ea9e51be
- SHA1
  
  bf3d6459400c150126c194f677928c222184e4ac
- SHA256
  
  a9b5f922042406e16958e8e4cc7fd2ba6e379e8d9ac7820e0cd05f6c01cb8d46
- SHA512
  
  7138818db291b61da6f9a4ac9fce154f89cb0057783541c60a92015f1e532657302ea1ec38873edea3accba060f099749846e643a0c6e898c077f47bcc48e37b
- SSDEEP
  
  98304:tQz23M+mf7sMby8K5tmLcvJqiZLhUTRm1r+nretjUTvs0eZyndr+ZmrImp+tQ2:4/by8etNR5hUTQ1ynytjUVdr+wi1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2