165c2d7225dbbfe981b38f77ff1c3c1efe6ff8f84a8bb59b209f0a4dcebcfd4c | Triage

Sharing

General

Target

165c2d7225dbbfe981b38f77ff1c3c1efe6ff8f84a8bb59b209f0a4dcebcfd4c
Size

2.7MB
Sample

240925-xlnnda1hpq
MD5

6803679e27fec0fbbc90ad4d1c847b60
SHA1

4bcc7562edd3119175cbdbc34ab7f9b0635fcf3e
SHA256

165c2d7225dbbfe981b38f77ff1c3c1efe6ff8f84a8bb59b209f0a4dcebcfd4c
SHA512

64c2dc052f662869021192199cccc61919a1baaa57fd08b4a25ac7e181f1f73b64ffc0fb38e468b7567f8e0d88194f080b2fc766b96a1cb219e4f9d7167e49bd
SSDEEP

49152:9ayT+P66XbOP/ZzA2DItg1Hoaz6wecYfFkURwlhyAuLjf/IVgs5+xP:bTE66yXZ02DwUHoazRofxIhELjf/IVgs

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  165c2d7225dbbfe981b38f77ff1c3c1efe6ff8f84a8bb59b209f0a4dcebcfd4c
- Size
  
  2.7MB
- MD5
  
  6803679e27fec0fbbc90ad4d1c847b60
- SHA1
  
  4bcc7562edd3119175cbdbc34ab7f9b0635fcf3e
- SHA256
  
  165c2d7225dbbfe981b38f77ff1c3c1efe6ff8f84a8bb59b209f0a4dcebcfd4c
- SHA512
  
  64c2dc052f662869021192199cccc61919a1baaa57fd08b4a25ac7e181f1f73b64ffc0fb38e468b7567f8e0d88194f080b2fc766b96a1cb219e4f9d7167e49bd
- SSDEEP
  
  49152:9ayT+P66XbOP/ZzA2DItg1Hoaz6wecYfFkURwlhyAuLjf/IVgs5+xP:bTE66yXZ02DwUHoazRofxIhELjf/IVgs
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2