20bed6dfae09b5085ec29501f5ca2c80ad2e5b009f6f5fcfec2a1f9638e46ec3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20bed6dfae09b5085ec29501f5ca2c80ad2e5b009f6f5fcfec2a1f9638e46ec3
Size

1.1MB
Sample

240802-znj43szcmk
MD5

afa79bd64740b84768b4ee0cbc9c0123
SHA1

d3937af7ad1b8d4e0b0c6da338df83ee3269a620
SHA256

20bed6dfae09b5085ec29501f5ca2c80ad2e5b009f6f5fcfec2a1f9638e46ec3
SHA512

73809633d3655c1f444f0b87443f380ffb6e09fd21f17e0d1cd847f0369b4ddf1a7cd8610f68269a65fd91686b274202c7b8841eb92ae6e8173755b071ca2e6d
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Q2:acallSllG4ZM7QzM9

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  20bed6dfae09b5085ec29501f5ca2c80ad2e5b009f6f5fcfec2a1f9638e46ec3
- Size
  
  1.1MB
- MD5
  
  afa79bd64740b84768b4ee0cbc9c0123
- SHA1
  
  d3937af7ad1b8d4e0b0c6da338df83ee3269a620
- SHA256
  
  20bed6dfae09b5085ec29501f5ca2c80ad2e5b009f6f5fcfec2a1f9638e46ec3
- SHA512
  
  73809633d3655c1f444f0b87443f380ffb6e09fd21f17e0d1cd847f0369b4ddf1a7cd8610f68269a65fd91686b274202c7b8841eb92ae6e8173755b071ca2e6d
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Q2:acallSllG4ZM7QzM9
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2