6055e6134d3c861ef5b2e599dd87959debcc09e6855cf3c8e4d32b6255aa1f99 | Triage

Sharing

General

Target

6055e6134d3c861ef5b2e599dd87959debcc09e6855cf3c8e4d32b6255aa1f99
Size

179KB
Sample

220731-gaqetsbbb5
MD5

84f2b1ef959d96970c899e581905c333
SHA1

57119042042e49e550c90a801c7ca15b8cf1b2ab
SHA256

6055e6134d3c861ef5b2e599dd87959debcc09e6855cf3c8e4d32b6255aa1f99
SHA512

c32903f151977a7fb624aa23639251976d10af864bd608f7a5b77ebde9cd178051529c1c0870f38a412f5e60ce97b499c20faeee2263ac70ce0ea7a675e51c29

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6055e6134d3c861ef5b2e599dd87959debcc09e6855cf3c8e4d32b6255aa1f99
- Size
  
  179KB
- MD5
  
  84f2b1ef959d96970c899e581905c333
- SHA1
  
  57119042042e49e550c90a801c7ca15b8cf1b2ab
- SHA256
  
  6055e6134d3c861ef5b2e599dd87959debcc09e6855cf3c8e4d32b6255aa1f99
- SHA512
  
  c32903f151977a7fb624aa23639251976d10af864bd608f7a5b77ebde9cd178051529c1c0870f38a412f5e60ce97b499c20faeee2263ac70ce0ea7a675e51c29
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2