cd4086fd4d076aa3ffb0c05713b1d15965cc94fbd67a26e24420f904f08041a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd4086fd4d076aa3ffb0c05713b1d15965cc94fbd67a26e24420f904f08041a9
Size

54KB
Sample

221002-pe3jysgabq
MD5

07e816cbc4032383bb8855635b7354fe
SHA1

aa0bdca2a118e92a79491e32d07c5e90b6b9eb9b
SHA256

cd4086fd4d076aa3ffb0c05713b1d15965cc94fbd67a26e24420f904f08041a9
SHA512

80a5966db00408bec7140fa5d8e35c6104165864411e50a5ce22f3d354050c47d873f771f8c142ce8538e2901c04001bed113e0e10d5ea181af545e078dea8fa
SSDEEP

768:r9LM0lbiRE/imKBWzZhgBhPn6u9Ry6vd6wfSQ/9c8VDjBmPZst3L+hlPhJPa6Rhh:bh6EXlKnPz8y9cIDjjLSpbZ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cd4086fd4d076aa3ffb0c05713b1d15965cc94fbd67a26e24420f904f08041a9
- Size
  
  54KB
- MD5
  
  07e816cbc4032383bb8855635b7354fe
- SHA1
  
  aa0bdca2a118e92a79491e32d07c5e90b6b9eb9b
- SHA256
  
  cd4086fd4d076aa3ffb0c05713b1d15965cc94fbd67a26e24420f904f08041a9
- SHA512
  
  80a5966db00408bec7140fa5d8e35c6104165864411e50a5ce22f3d354050c47d873f771f8c142ce8538e2901c04001bed113e0e10d5ea181af545e078dea8fa
- SSDEEP
  
  768:r9LM0lbiRE/imKBWzZhgBhPn6u9Ry6vd6wfSQ/9c8VDjBmPZst3L+hlPhJPa6Rhh:bh6EXlKnPz8y9cIDjjLSpbZ
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2