a12f12687d68214acd6a9cc676004f593e2bc23434fdf81a05dc06a0fa2d4957 | Triage

Sharing

General

Target

a12f12687d68214acd6a9cc676004f593e2bc23434fdf81a05dc06a0fa2d4957
Size

1.1MB
Sample

240808-zhmysatape
MD5

3eea0bfd936008540680eff1af2b166b
SHA1

9d4487579231b8c44a4db8008861735c8249ffa5
SHA256

a12f12687d68214acd6a9cc676004f593e2bc23434fdf81a05dc06a0fa2d4957
SHA512

faa638e8787f6af8e15f7f8dbe3c3c8f0b0498c103e0ee4c529f3fc5475316c473197ed4ccbb79f88fac0efd57320a8f78a9c19c12ccec4b2988008769f03425
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qf:acallSllG4ZM7QzM4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a12f12687d68214acd6a9cc676004f593e2bc23434fdf81a05dc06a0fa2d4957
- Size
  
  1.1MB
- MD5
  
  3eea0bfd936008540680eff1af2b166b
- SHA1
  
  9d4487579231b8c44a4db8008861735c8249ffa5
- SHA256
  
  a12f12687d68214acd6a9cc676004f593e2bc23434fdf81a05dc06a0fa2d4957
- SHA512
  
  faa638e8787f6af8e15f7f8dbe3c3c8f0b0498c103e0ee4c529f3fc5475316c473197ed4ccbb79f88fac0efd57320a8f78a9c19c12ccec4b2988008769f03425
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qf:acallSllG4ZM7QzM4
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2