5ca47a297de4a6ef2ffdd2c2415bf1f82c816b425c14c89ffb6408f313ab2859 | Triage

Sharing

General

Target

5ca47a297de4a6ef2ffdd2c2415bf1f82c816b425c14c89ffb6408f313ab2859
Size

76KB
Sample

221002-la2kbahae5
MD5

656f9b7a11063aab122ec630b8538b09
SHA1

9e87ff164533edfccbb6e74b4215405893707934
SHA256

5ca47a297de4a6ef2ffdd2c2415bf1f82c816b425c14c89ffb6408f313ab2859
SHA512

2b08c6604368b4a8b117ae4e9ad67d62cb5953deedb0f3bec9e43b0de4924e84daf04e9449a7e9d7d877d50ab3d76371979fece88e2dada014e76d761ffe8c68
SSDEEP

768:qqgFPbzKxlCSgShrwGNM6jQeEOPeM05oBCLVNodwSmTO9SyTpSCkC5HVYPC:aNXSgMpNbdEO2hqjuSmm9HyP

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5ca47a297de4a6ef2ffdd2c2415bf1f82c816b425c14c89ffb6408f313ab2859
- Size
  
  76KB
- MD5
  
  656f9b7a11063aab122ec630b8538b09
- SHA1
  
  9e87ff164533edfccbb6e74b4215405893707934
- SHA256
  
  5ca47a297de4a6ef2ffdd2c2415bf1f82c816b425c14c89ffb6408f313ab2859
- SHA512
  
  2b08c6604368b4a8b117ae4e9ad67d62cb5953deedb0f3bec9e43b0de4924e84daf04e9449a7e9d7d877d50ab3d76371979fece88e2dada014e76d761ffe8c68
- SSDEEP
  
  768:qqgFPbzKxlCSgShrwGNM6jQeEOPeM05oBCLVNodwSmTO9SyTpSCkC5HVYPC:aNXSgMpNbdEO2hqjuSmm9HyP
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2