3f53fdc377204be1d112c4a84c1299a4978c70e9744557cade8a371b7aa08aa4 | Triage

Sharing

General

Target

3f53fdc377204be1d112c4a84c1299a4978c70e9744557cade8a371b7aa08aa4N.exe
Size

116KB
Sample

250204-zm2yha1qhz
MD5

3abefcde2b20a36dcd3c79a672c3c160
SHA1

37b4d904dd0d876f3c86c02afd27f078e735f2d7
SHA256

3f53fdc377204be1d112c4a84c1299a4978c70e9744557cade8a371b7aa08aa4
SHA512

538e50f8d9dc6fdd2fba394fa47e730ef02b3e7602d93fc58373278d9211dfd4d6fedf5e1e7fd0762f220968a37a725953e5dd64f70e37fb4fcff7cf6712afcc
SSDEEP

1536:SgrbgkYur+eha3BzXSudZvIyEjG1fBclsc:SigkC3AuXvILjMBcKc

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  3f53fdc377204be1d112c4a84c1299a4978c70e9744557cade8a371b7aa08aa4N.exe
- Size
  
  116KB
- MD5
  
  3abefcde2b20a36dcd3c79a672c3c160
- SHA1
  
  37b4d904dd0d876f3c86c02afd27f078e735f2d7
- SHA256
  
  3f53fdc377204be1d112c4a84c1299a4978c70e9744557cade8a371b7aa08aa4
- SHA512
  
  538e50f8d9dc6fdd2fba394fa47e730ef02b3e7602d93fc58373278d9211dfd4d6fedf5e1e7fd0762f220968a37a725953e5dd64f70e37fb4fcff7cf6712afcc
- SSDEEP
  
  1536:SgrbgkYur+eha3BzXSudZvIyEjG1fBclsc:SigkC3AuXvILjMBcKc
Score

7^/10

discovery defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

defense_evasiondiscovery