1e03f375bfd379c200b11f58487c095921ebce62aa4ea5debd5d2cd227917189 | Triage

Sharing

General

Target

1e03f375bfd379c200b11f58487c095921ebce62aa4ea5debd5d2cd227917189
Size

283KB
Sample

221003-b57ppsbae3
MD5

6fd6c1f5102ed47e139054efe19c0a4a
SHA1

e0978750f58a7e081dad6e6e062a79178ec003cf
SHA256

1e03f375bfd379c200b11f58487c095921ebce62aa4ea5debd5d2cd227917189
SHA512

ba0800b6b2d1fa974be96dcf0a07cbb1aa9544f1de2f61a065483168fa8862c27532d5d39d29510fa6c23459ba5a3f703263f2a2ccfface65aadf0753f867946
SSDEEP

6144:WGiKpURL04vL4u6FrnQs8oaJqC8GYpxPenMmuTGge3j9+qN6QD:3pULdvBOK81Pen2o3

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1e03f375bfd379c200b11f58487c095921ebce62aa4ea5debd5d2cd227917189
- Size
  
  283KB
- MD5
  
  6fd6c1f5102ed47e139054efe19c0a4a
- SHA1
  
  e0978750f58a7e081dad6e6e062a79178ec003cf
- SHA256
  
  1e03f375bfd379c200b11f58487c095921ebce62aa4ea5debd5d2cd227917189
- SHA512
  
  ba0800b6b2d1fa974be96dcf0a07cbb1aa9544f1de2f61a065483168fa8862c27532d5d39d29510fa6c23459ba5a3f703263f2a2ccfface65aadf0753f867946
- SSDEEP
  
  6144:WGiKpURL04vL4u6FrnQs8oaJqC8GYpxPenMmuTGge3j9+qN6QD:3pULdvBOK81Pen2o3
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2