764b03fa60fb8ac3877aa53bd129846a65149b12f0dc537f5d6a34741522c43d | Triage

Sharing

General

Target

764b03fa60fb8ac3877aa53bd129846a65149b12f0dc537f5d6a34741522c43d
Size

156KB
Sample

221004-dta8gaadhk
MD5

075957d919dd59ac12175be408415704
SHA1

c94f130073125bd0f000152a3c99ebc1f9665206
SHA256

764b03fa60fb8ac3877aa53bd129846a65149b12f0dc537f5d6a34741522c43d
SHA512

5ed6a88c8fdc9159286bde86e2bd1c23d2a378f47d8fb12d45e373ad79f617944e98a542a021d1dbbc75284e7860334740606e3254c39d7a114e11a268d8a8df
SSDEEP

3072:hnj9jtfU+INndIc0JL5iNghh2q8n/SIr4y8dRF/lE085Dz8BWPUQmd0t:hjbei2gv2Jn6I10RllEuel

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  764b03fa60fb8ac3877aa53bd129846a65149b12f0dc537f5d6a34741522c43d
- Size
  
  156KB
- MD5
  
  075957d919dd59ac12175be408415704
- SHA1
  
  c94f130073125bd0f000152a3c99ebc1f9665206
- SHA256
  
  764b03fa60fb8ac3877aa53bd129846a65149b12f0dc537f5d6a34741522c43d
- SHA512
  
  5ed6a88c8fdc9159286bde86e2bd1c23d2a378f47d8fb12d45e373ad79f617944e98a542a021d1dbbc75284e7860334740606e3254c39d7a114e11a268d8a8df
- SSDEEP
  
  3072:hnj9jtfU+INndIc0JL5iNghh2q8n/SIr4y8dRF/lE085Dz8BWPUQmd0t:hjbei2gv2Jn6I10RllEuel
Score

8^/10

persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2