8b2c9c62e30c9de69ca7e9d56ba7d528b6f72a98fcc4f2228722b77b69ddd45f | Triage

Sharing

General

Target

8b2c9c62e30c9de69ca7e9d56ba7d528b6f72a98fcc4f2228722b77b69ddd45f
Size

36KB
Sample

221002-p52qcafgc7
MD5

5b6ac642bec3ff0285565402e98f5f6f
SHA1

b802a1b1f0acbe563d674d58b0818a878cc67a90
SHA256

8b2c9c62e30c9de69ca7e9d56ba7d528b6f72a98fcc4f2228722b77b69ddd45f
SHA512

d4e7927458946005282a86a90b828a73149fbed5b82b38c0bfe26172649958fee6a9bbffdd36c88360578eebb163b6e982d36eddca9021414a19f7c2698c247e
SSDEEP

384:ungz/RdiJscccVWSRuLBN9wSrli/xQfbfz1pvwMM58zULKK:umziJs2uLhwSrluKT711jMW4

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8b2c9c62e30c9de69ca7e9d56ba7d528b6f72a98fcc4f2228722b77b69ddd45f
- Size
  
  36KB
- MD5
  
  5b6ac642bec3ff0285565402e98f5f6f
- SHA1
  
  b802a1b1f0acbe563d674d58b0818a878cc67a90
- SHA256
  
  8b2c9c62e30c9de69ca7e9d56ba7d528b6f72a98fcc4f2228722b77b69ddd45f
- SHA512
  
  d4e7927458946005282a86a90b828a73149fbed5b82b38c0bfe26172649958fee6a9bbffdd36c88360578eebb163b6e982d36eddca9021414a19f7c2698c247e
- SSDEEP
  
  384:ungz/RdiJscccVWSRuLBN9wSrli/xQfbfz1pvwMM58zULKK:umziJs2uLhwSrluKT711jMW4
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2