fd3fae3b67cfb182d823fbcb923c66827968ebae5dcfe8247861b78da5a06c72 | Triage

Sharing

General

Target

fd3fae3b67cfb182d823fbcb923c66827968ebae5dcfe8247861b78da5a06c72.exe
Size

58KB
Sample

241126-cbhn6axqbs
MD5

8a0af78f66ee4b22dfe44b9f65c7ab39
SHA1

cf4e02d97e2a9b5d9f2dd00b5b98e4b0bbd93ad8
SHA256

fd3fae3b67cfb182d823fbcb923c66827968ebae5dcfe8247861b78da5a06c72
SHA512

7d6b4ee3a2b4a00d47505fdb9a6a1153024db72a9797f7985de5c6a452e73b060e3903011c0262d34466b026f5200444d1e2cf677896a36a06453af340d6419e
SSDEEP

1536:hvQoLHjw2iWPKMvw71/RLyXwvvvZeee5Lttttx:hv5Ls27BIJ/RLyXweeeRttttx

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  fd3fae3b67cfb182d823fbcb923c66827968ebae5dcfe8247861b78da5a06c72.exe
- Size
  
  58KB
- MD5
  
  8a0af78f66ee4b22dfe44b9f65c7ab39
- SHA1
  
  cf4e02d97e2a9b5d9f2dd00b5b98e4b0bbd93ad8
- SHA256
  
  fd3fae3b67cfb182d823fbcb923c66827968ebae5dcfe8247861b78da5a06c72
- SHA512
  
  7d6b4ee3a2b4a00d47505fdb9a6a1153024db72a9797f7985de5c6a452e73b060e3903011c0262d34466b026f5200444d1e2cf677896a36a06453af340d6419e
- SSDEEP
  
  1536:hvQoLHjw2iWPKMvw71/RLyXwvvvZeee5Lttttx:hv5Ls27BIJ/RLyXweeeRttttx
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery