208b67013268f042014dc5a58f34f45230b917a93bb2e10da511f01d695b239e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

208b67013268f042014dc5a58f34f45230b917a93bb2e10da511f01d695b239e
Size

122KB
Sample

220919-crj7xsgbcp
MD5

50b3281b5f8e7e9ab71fdd35faf9cd87
SHA1

605fcdbbfae3442b4daba992af17b6c3b489694f
SHA256

208b67013268f042014dc5a58f34f45230b917a93bb2e10da511f01d695b239e
SHA512

22ff7db1909864419c6a23234fdcd14cd4e34fa1b713a2a6c47e1b8f26be377f743723a984ab307d9a2c33855385b81d42a0679069593b9aa3dcb2ec16a2aa31
SSDEEP

3072:8F67cTuAEvl67o9Beb2LV7+ywBsSZLlOSlN5XY9NnlutTzzmvBb/+R:8I7kzE95CjlOSX5ol6TQ0

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  208b67013268f042014dc5a58f34f45230b917a93bb2e10da511f01d695b239e
- Size
  
  122KB
- MD5
  
  50b3281b5f8e7e9ab71fdd35faf9cd87
- SHA1
  
  605fcdbbfae3442b4daba992af17b6c3b489694f
- SHA256
  
  208b67013268f042014dc5a58f34f45230b917a93bb2e10da511f01d695b239e
- SHA512
  
  22ff7db1909864419c6a23234fdcd14cd4e34fa1b713a2a6c47e1b8f26be377f743723a984ab307d9a2c33855385b81d42a0679069593b9aa3dcb2ec16a2aa31
- SSDEEP
  
  3072:8F67cTuAEvl67o9Beb2LV7+ywBsSZLlOSlN5XY9NnlutTzzmvBb/+R:8I7kzE95CjlOSX5ol6TQ0
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2