9eaa4c2634fe9f79f4de3e0d06596f03ba92a0dbb9dd25b99ee310cf88519ad6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9eaa4c2634fe9f79f4de3e0d06596f03ba92a0dbb9dd25b99ee310cf88519ad6
Size

49KB
Sample

221011-emz4padhhp
MD5

4ce19bd58eb702387179f41fa04b0f13
SHA1

9fb42f5e22583de15fa4dbb4263a71c30d6115df
SHA256

9eaa4c2634fe9f79f4de3e0d06596f03ba92a0dbb9dd25b99ee310cf88519ad6
SHA512

1ff078a712b31699e3bf793bb750826ea5b8f2f10bc88b95a22a85d8752cf78e32b8b4b922b50a379e4176a83da7ed202f416817cc18317c5d9a5ec960888e5b
SSDEEP

768:yq6ujco0Z4ayRqQpHMOGti1BBOvMP/tXEpzMCqkcr:k4rqh8wkPl0pK

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  9eaa4c2634fe9f79f4de3e0d06596f03ba92a0dbb9dd25b99ee310cf88519ad6
- Size
  
  49KB
- MD5
  
  4ce19bd58eb702387179f41fa04b0f13
- SHA1
  
  9fb42f5e22583de15fa4dbb4263a71c30d6115df
- SHA256
  
  9eaa4c2634fe9f79f4de3e0d06596f03ba92a0dbb9dd25b99ee310cf88519ad6
- SHA512
  
  1ff078a712b31699e3bf793bb750826ea5b8f2f10bc88b95a22a85d8752cf78e32b8b4b922b50a379e4176a83da7ed202f416817cc18317c5d9a5ec960888e5b
- SSDEEP
  
  768:yq6ujco0Z4ayRqQpHMOGti1BBOvMP/tXEpzMCqkcr:k4rqh8wkPl0pK
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2