fed0da48fd070e4b6308b82eb3a3d028452beedee5e39f0908598b4010a5cc12 | Triage

Sharing

General

Target

fed0da48fd070e4b6308b82eb3a3d028452beedee5e39f0908598b4010a5cc12
Size

50KB
Sample

221002-la1ysaacgr
MD5

70db48381cc8985df92a529e684ec5c2
SHA1

6be0b9e369a65164e410ca4f9b27f430c16bba20
SHA256

fed0da48fd070e4b6308b82eb3a3d028452beedee5e39f0908598b4010a5cc12
SHA512

bb059cfa4f6eebcf85dfd757b6e3ca12f7437b87e96fc83d9c6dade3531c9de8ce1da0518781f0a13758425d7da938aafb5e1312a7adc92e5645b65bda8a63f9
SSDEEP

768:EdWm+d1z8BXAqxw+E9Sb+7RFpvLXuZr32BBaAriUFE0tFmvDR7CkC5HVYPCw:kjkEw+CvNFxLXKyBhXm0tFmvDCHyP

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  fed0da48fd070e4b6308b82eb3a3d028452beedee5e39f0908598b4010a5cc12
- Size
  
  50KB
- MD5
  
  70db48381cc8985df92a529e684ec5c2
- SHA1
  
  6be0b9e369a65164e410ca4f9b27f430c16bba20
- SHA256
  
  fed0da48fd070e4b6308b82eb3a3d028452beedee5e39f0908598b4010a5cc12
- SHA512
  
  bb059cfa4f6eebcf85dfd757b6e3ca12f7437b87e96fc83d9c6dade3531c9de8ce1da0518781f0a13758425d7da938aafb5e1312a7adc92e5645b65bda8a63f9
- SSDEEP
  
  768:EdWm+d1z8BXAqxw+E9Sb+7RFpvLXuZr32BBaAriUFE0tFmvDR7CkC5HVYPCw:kjkEw+CvNFxLXKyBhXm0tFmvDCHyP
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2