aa996968932ef3091229130a9f3191b2830ae5a4953bedd526e51a5d0c01a0c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa996968932ef3091229130a9f3191b2830ae5a4953bedd526e51a5d0c01a0c9
Size

1.1MB
Sample

240914-sx3t8a1cqp
MD5

0cfb552b9c46d46101ed6fae14e4a00f
SHA1

6b9c87dda0ddcc4693d3e075b0551039b9d18429
SHA256

aa996968932ef3091229130a9f3191b2830ae5a4953bedd526e51a5d0c01a0c9
SHA512

8dc274708e4b18618c47f53f3ccf08d1b855389452fa04be841d0a5fa976df9b0a0913afc4344ba627a3e73894262e3b8a86647dad8a11bb42d838c40bfaf716
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qq:CcaClSFlG4ZM7QzMJ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  aa996968932ef3091229130a9f3191b2830ae5a4953bedd526e51a5d0c01a0c9
- Size
  
  1.1MB
- MD5
  
  0cfb552b9c46d46101ed6fae14e4a00f
- SHA1
  
  6b9c87dda0ddcc4693d3e075b0551039b9d18429
- SHA256
  
  aa996968932ef3091229130a9f3191b2830ae5a4953bedd526e51a5d0c01a0c9
- SHA512
  
  8dc274708e4b18618c47f53f3ccf08d1b855389452fa04be841d0a5fa976df9b0a0913afc4344ba627a3e73894262e3b8a86647dad8a11bb42d838c40bfaf716
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qq:CcaClSFlG4ZM7QzMJ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2