9e61f86a378552b9a27b543568b5629220bd19c355480e71d33be2643031162a | Triage

Sharing

General

Target

d6be7e447b67246bfa7ba01c46215db0N
Size

94KB
Sample

240907-ycx15atdke
MD5

d6be7e447b67246bfa7ba01c46215db0
SHA1

324a86adfd230b788a3ff83744b4d88e243b2c0b
SHA256

9e61f86a378552b9a27b543568b5629220bd19c355480e71d33be2643031162a
SHA512

9b3337c4074e2537f1ef1728d6d92ccf6b019e7066d3be8db538d96e4b856f0df87b0d4f93265c2e23684a50ad1112d1ecc35bbb0fbeb5bab47f32c0558295ed
SSDEEP

1536:BYUb5NE3yZIp+6HO5J4ggpMFSvIKEu0dX4j2dAck9:BYUb5QoJ4g+FXb

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  d6be7e447b67246bfa7ba01c46215db0N
- Size
  
  94KB
- MD5
  
  d6be7e447b67246bfa7ba01c46215db0
- SHA1
  
  324a86adfd230b788a3ff83744b4d88e243b2c0b
- SHA256
  
  9e61f86a378552b9a27b543568b5629220bd19c355480e71d33be2643031162a
- SHA512
  
  9b3337c4074e2537f1ef1728d6d92ccf6b019e7066d3be8db538d96e4b856f0df87b0d4f93265c2e23684a50ad1112d1ecc35bbb0fbeb5bab47f32c0558295ed
- SSDEEP
  
  1536:BYUb5NE3yZIp+6HO5J4ggpMFSvIKEu0dX4j2dAck9:BYUb5QoJ4g+FXb
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery