c352d11f858c6d9cedf320cd5120db475c52c19b3d2e9352ba8c8b6bf4fde0fb | Triage

Sharing

General

Target

c352d11f858c6d9cedf320cd5120db475c52c19b3d2e9352ba8c8b6bf4fde0fb
Size

85KB
Sample

221003-kjc3msghan
MD5

091bcddb5ceaa1f0c7e2d507c539c60f
SHA1

e3cf67fe5611716ef26de6a18042500d9cfc4c39
SHA256

c352d11f858c6d9cedf320cd5120db475c52c19b3d2e9352ba8c8b6bf4fde0fb
SHA512

61ccb06ae2a9cdec6ce919578edb6f598ba78c67b1a0426add56584676299009f3f33043f149608be5d8ff649edebbdae0d1f53045d26753f7c6af31a846a43a
SSDEEP

1536:5JXLSNZSOyF/lewor4ZXkl3CkSRpliHyPm:5FutyjfVxIyLiS

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c352d11f858c6d9cedf320cd5120db475c52c19b3d2e9352ba8c8b6bf4fde0fb
- Size
  
  85KB
- MD5
  
  091bcddb5ceaa1f0c7e2d507c539c60f
- SHA1
  
  e3cf67fe5611716ef26de6a18042500d9cfc4c39
- SHA256
  
  c352d11f858c6d9cedf320cd5120db475c52c19b3d2e9352ba8c8b6bf4fde0fb
- SHA512
  
  61ccb06ae2a9cdec6ce919578edb6f598ba78c67b1a0426add56584676299009f3f33043f149608be5d8ff649edebbdae0d1f53045d26753f7c6af31a846a43a
- SSDEEP
  
  1536:5JXLSNZSOyF/lewor4ZXkl3CkSRpliHyPm:5FutyjfVxIyLiS
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2