8ad8b78961a2f07108889951fcd612b8763f8d4c0cf2cf394eb404d2e33952fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ad8b78961a2f07108889951fcd612b8763f8d4c0cf2cf394eb404d2e33952fa
Size

426KB
Sample

221004-b5na3agac9
MD5

53ce5c9aae6ad2a98bb801440a4d4e97
SHA1

d0675fd027d86f476dacac0d20a01a183483ec19
SHA256

8ad8b78961a2f07108889951fcd612b8763f8d4c0cf2cf394eb404d2e33952fa
SHA512

6325b09ecbfce43f99e590d6edae5d828b92d08e14e6658d163d01a6ef702fc5bdcc25a80360ea50268291cbb768e1bc410e47e578a272de1c040b03e8cd2485
SSDEEP

6144:nUW/vqLbuWUAYmVWUI6AXLbZ1SLZkILbZ1SS6ZkILbZ1SLZkmr6ZkmBLbZ1SSrr7:n7/CbuWUAfWvnN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8ad8b78961a2f07108889951fcd612b8763f8d4c0cf2cf394eb404d2e33952fa
- Size
  
  426KB
- MD5
  
  53ce5c9aae6ad2a98bb801440a4d4e97
- SHA1
  
  d0675fd027d86f476dacac0d20a01a183483ec19
- SHA256
  
  8ad8b78961a2f07108889951fcd612b8763f8d4c0cf2cf394eb404d2e33952fa
- SHA512
  
  6325b09ecbfce43f99e590d6edae5d828b92d08e14e6658d163d01a6ef702fc5bdcc25a80360ea50268291cbb768e1bc410e47e578a272de1c040b03e8cd2485
- SSDEEP
  
  6144:nUW/vqLbuWUAYmVWUI6AXLbZ1SLZkILbZ1SS6ZkILbZ1SLZkmr6ZkmBLbZ1SSrr7:n7/CbuWUAfWvnN
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2