9e4bafac893b7753d6b9c5a49d6e3bf2d09e8336d6f613cc4385d5283de013d0 | Triage

Sharing

General

Target

9e4bafac893b7753d6b9c5a49d6e3bf2d09e8336d6f613cc4385d5283de013d0
Size

104KB
Sample

221001-1accragca7
MD5

73d3ad56e00955ccee8472871aaa4d2a
SHA1

a72fcd6e3024b8e2e950e8fd8b73ca4c1d639830
SHA256

9e4bafac893b7753d6b9c5a49d6e3bf2d09e8336d6f613cc4385d5283de013d0
SHA512

378a2164f35a914cf47bbbd9a675f195fc75b6e52a195309ec064687e351e9abe846d95817b1d8a15aa3058892890448188ca243ac459bcff9bc6449c12f45c3
SSDEEP

1536:GZlzv6RBwgKMOhJYdsXDjTHfjL6IcPIz7YfnoG8bHlfnToIfQIOlIO5oXUl:GZNidKMOhOuTjTqQzs/dgBTBfGv6XUl

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9e4bafac893b7753d6b9c5a49d6e3bf2d09e8336d6f613cc4385d5283de013d0
- Size
  
  104KB
- MD5
  
  73d3ad56e00955ccee8472871aaa4d2a
- SHA1
  
  a72fcd6e3024b8e2e950e8fd8b73ca4c1d639830
- SHA256
  
  9e4bafac893b7753d6b9c5a49d6e3bf2d09e8336d6f613cc4385d5283de013d0
- SHA512
  
  378a2164f35a914cf47bbbd9a675f195fc75b6e52a195309ec064687e351e9abe846d95817b1d8a15aa3058892890448188ca243ac459bcff9bc6449c12f45c3
- SSDEEP
  
  1536:GZlzv6RBwgKMOhJYdsXDjTHfjL6IcPIz7YfnoG8bHlfnToIfQIOlIO5oXUl:GZNidKMOhOuTjTqQzs/dgBTBfGv6XUl
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2