3b3c4c169407d6b54f174caea85571c08b83c81c5a7fe95533a40369c321d3f3 | Triage

Sharing

General

Target

3b3c4c169407d6b54f174caea85571c08b83c81c5a7fe95533a40369c321d3f3
Size

1.1MB
Sample

240913-znppkayank
MD5

db4dfcc056aa5c0727ab85e6d28e5327
SHA1

03e65e88d6fb11f6cce4ba7391c9f001b3dee908
SHA256

3b3c4c169407d6b54f174caea85571c08b83c81c5a7fe95533a40369c321d3f3
SHA512

af74edcae7d387576cb11110ec22e5b808668a4f0595274bb69b4cd2e3bbe80d3183d741443f71c8be3bc018cc7c7d513e4e8904da1bb4f4d44883ab92f352ee
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QW:acallSllG4ZM7QzMd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3b3c4c169407d6b54f174caea85571c08b83c81c5a7fe95533a40369c321d3f3
- Size
  
  1.1MB
- MD5
  
  db4dfcc056aa5c0727ab85e6d28e5327
- SHA1
  
  03e65e88d6fb11f6cce4ba7391c9f001b3dee908
- SHA256
  
  3b3c4c169407d6b54f174caea85571c08b83c81c5a7fe95533a40369c321d3f3
- SHA512
  
  af74edcae7d387576cb11110ec22e5b808668a4f0595274bb69b4cd2e3bbe80d3183d741443f71c8be3bc018cc7c7d513e4e8904da1bb4f4d44883ab92f352ee
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QW:acallSllG4ZM7QzMd
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2