895ef92ebbc59bbf61f1f0500d445467779543cdf2200fece1ca7d5a0cb6aeb1 | Triage

Sharing

General

Target

895ef92ebbc59bbf61f1f0500d445467779543cdf2200fece1ca7d5a0cb6aeb1
Size

1.1MB
Sample

240811-3rcqysvdpk
MD5

c7f3a9d9c5d5c3708b6a1281286decf5
SHA1

eb7c53d9ec45219e476676b696f9b68a02630f07
SHA256

895ef92ebbc59bbf61f1f0500d445467779543cdf2200fece1ca7d5a0cb6aeb1
SHA512

e38c376cf41c4b41868adf77203cd43e0a6b4d5dd1f2ead852e85123eefd06004d6630bc36361595e2b580ca06491eeb8f9b9e20c99323ebe558fb9126ccfc48
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qp:acallSllG4ZM7QzMq

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  895ef92ebbc59bbf61f1f0500d445467779543cdf2200fece1ca7d5a0cb6aeb1
- Size
  
  1.1MB
- MD5
  
  c7f3a9d9c5d5c3708b6a1281286decf5
- SHA1
  
  eb7c53d9ec45219e476676b696f9b68a02630f07
- SHA256
  
  895ef92ebbc59bbf61f1f0500d445467779543cdf2200fece1ca7d5a0cb6aeb1
- SHA512
  
  e38c376cf41c4b41868adf77203cd43e0a6b4d5dd1f2ead852e85123eefd06004d6630bc36361595e2b580ca06491eeb8f9b9e20c99323ebe558fb9126ccfc48
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qp:acallSllG4ZM7QzMq
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2