ef57202247d4b07c345a0f5eb3e17a64a465e7ae86ee670eb521750edfc24274 | Triage

Sharing

General

Target

ef57202247d4b07c345a0f5eb3e17a64a465e7ae86ee670eb521750edfc24274
Size

1.2MB
Sample

220919-ldppxseddp
MD5

3af20844064ec8b72b08180d09d27540
SHA1

8794f55c247a6a690a61f4f97aab6466bd692205
SHA256

ef57202247d4b07c345a0f5eb3e17a64a465e7ae86ee670eb521750edfc24274
SHA512

a20269872b0bb9e71eababe6261759742a987ee5d414643be6ace0b34451799d4ccf8c86687d8e781882a72ad3e85156b8a20740eb280213e5ada6b156d8d9f6
SSDEEP

24576:8OUb860NSG+uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuIuuuuuuuuuuuuuuuuuuV:B+8+uuuuuuuuuuuuuuuuuuuuuuuuuuuy

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ef57202247d4b07c345a0f5eb3e17a64a465e7ae86ee670eb521750edfc24274
- Size
  
  1.2MB
- MD5
  
  3af20844064ec8b72b08180d09d27540
- SHA1
  
  8794f55c247a6a690a61f4f97aab6466bd692205
- SHA256
  
  ef57202247d4b07c345a0f5eb3e17a64a465e7ae86ee670eb521750edfc24274
- SHA512
  
  a20269872b0bb9e71eababe6261759742a987ee5d414643be6ace0b34451799d4ccf8c86687d8e781882a72ad3e85156b8a20740eb280213e5ada6b156d8d9f6
- SSDEEP
  
  24576:8OUb860NSG+uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuIuuuuuuuuuuuuuuuuuuV:B+8+uuuuuuuuuuuuuuuuuuuuuuuuuuuy
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2