02209b2a018e52c65c979ffba7ada8172398bba17fe8e9d55789d79e5f2f9823 | Triage

Sharing

General

Target

02209b2a018e52c65c979ffba7ada8172398bba17fe8e9d55789d79e5f2f9823N
Size

1.1MB
Sample

240919-enwgwszhmq
MD5

03b7a88bc3b17d60691d3e22f66abaa0
SHA1

77ec0c964c2993e4de2581cf41fe16edb1e0d273
SHA256

02209b2a018e52c65c979ffba7ada8172398bba17fe8e9d55789d79e5f2f9823
SHA512

99ff66784a2a79afa4d5c2eecc068ec1afcba58f3be29b264df236da3ebfda33b448456df6c05aae873220d60c42a0c4b96095da5f5af54fd8c6a1ee3acc0545
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Q0:acallSllG4ZM7QzMj

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  02209b2a018e52c65c979ffba7ada8172398bba17fe8e9d55789d79e5f2f9823N
- Size
  
  1.1MB
- MD5
  
  03b7a88bc3b17d60691d3e22f66abaa0
- SHA1
  
  77ec0c964c2993e4de2581cf41fe16edb1e0d273
- SHA256
  
  02209b2a018e52c65c979ffba7ada8172398bba17fe8e9d55789d79e5f2f9823
- SHA512
  
  99ff66784a2a79afa4d5c2eecc068ec1afcba58f3be29b264df236da3ebfda33b448456df6c05aae873220d60c42a0c4b96095da5f5af54fd8c6a1ee3acc0545
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Q0:acallSllG4ZM7QzMj
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2