456fe60fbf0cd11b90936a3ed9158b3e6f02042bbac7a4a616f77359382a9489 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

456fe60fbf0cd11b90936a3ed9158b3e6f02042bbac7a4a616f77359382a9489
Size

5.4MB
Sample

221007-x74lqadcc5
MD5

83c5057f1fa30303d82b2f297f490250
SHA1

09a1b52cad55296d96fcb8cd878d03835a8f1cd8
SHA256

456fe60fbf0cd11b90936a3ed9158b3e6f02042bbac7a4a616f77359382a9489
SHA512

69487ad49fe21b6d58ce0392062fe26e508a577f7ab0f2f5cf8f87dc8de084e62414eaaf6b1b28383a95ebd0a369a8d5f69fb8ce83f81f3cbc49c2838f504241
SSDEEP

98304:pQsy1LMYkQI1/+eD+B+5xBgGEtW6/nZ4X2cuzZPxFxTJ+DqoV8cazT+ymv3QAOU:0hsD+BOS/+y0BOU

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  456fe60fbf0cd11b90936a3ed9158b3e6f02042bbac7a4a616f77359382a9489
- Size
  
  5.4MB
- MD5
  
  83c5057f1fa30303d82b2f297f490250
- SHA1
  
  09a1b52cad55296d96fcb8cd878d03835a8f1cd8
- SHA256
  
  456fe60fbf0cd11b90936a3ed9158b3e6f02042bbac7a4a616f77359382a9489
- SHA512
  
  69487ad49fe21b6d58ce0392062fe26e508a577f7ab0f2f5cf8f87dc8de084e62414eaaf6b1b28383a95ebd0a369a8d5f69fb8ce83f81f3cbc49c2838f504241
- SSDEEP
  
  98304:pQsy1LMYkQI1/+eD+B+5xBgGEtW6/nZ4X2cuzZPxFxTJ+DqoV8cazT+ymv3QAOU:0hsD+BOS/+y0BOU
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2