b7f365056bcd5f80599a53f486650e11c2e2cf6daba99974982afad6ff2448cc | Triage

Sharing

General

Target

b7f365056bcd5f80599a53f486650e11c2e2cf6daba99974982afad6ff2448cc
Size

96KB
Sample

240810-b532hstgpc
MD5

9f89d39099aab3829da28ce5a08305fb
SHA1

142080102bc4365375a307f6e509cb7b9fadccb5
SHA256

b7f365056bcd5f80599a53f486650e11c2e2cf6daba99974982afad6ff2448cc
SHA512

a64844cae4a61ec815f33fb0f3b93d4cfcc58e56bb6ae4f4a7dd94724a77c40f16a2953ce33076848f0b8abfd33199d2f37824f4e31faefaab0cc3f77d92ed0b
SSDEEP

1536:BYUb5NE3yZIp+6HO5J4ggpMFSvIKEu0dX4Ypkp:BYUb5QoJ4g+FXOkp

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  b7f365056bcd5f80599a53f486650e11c2e2cf6daba99974982afad6ff2448cc
- Size
  
  96KB
- MD5
  
  9f89d39099aab3829da28ce5a08305fb
- SHA1
  
  142080102bc4365375a307f6e509cb7b9fadccb5
- SHA256
  
  b7f365056bcd5f80599a53f486650e11c2e2cf6daba99974982afad6ff2448cc
- SHA512
  
  a64844cae4a61ec815f33fb0f3b93d4cfcc58e56bb6ae4f4a7dd94724a77c40f16a2953ce33076848f0b8abfd33199d2f37824f4e31faefaab0cc3f77d92ed0b
- SSDEEP
  
  1536:BYUb5NE3yZIp+6HO5J4ggpMFSvIKEu0dX4Ypkp:BYUb5QoJ4g+FXOkp
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery