0cb509fd06e6f3766e03da843279c76c1f5b52ea0d6961892075764b591f0d69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cb509fd06e6f3766e03da843279c76c1f5b52ea0d6961892075764b591f0d69
Size

61KB
Sample

221011-t26mcaeafp
MD5

17756ea063e683a2fe7106ef88ee0bd0
SHA1

7647d901db3f3bace73d5ac762bff8699822d21e
SHA256

0cb509fd06e6f3766e03da843279c76c1f5b52ea0d6961892075764b591f0d69
SHA512

fd7c9c603f644e58a799a1c2b0227cc8ca54364c3f93881fe40ed3ce029239f87ecdaca93fe651209e9cc35bd06d19bd0475046c0e9a93b3b8e27a24f4c672de
SSDEEP

1536:n5hatC1zjuHeccZ1SzPvmjf97ne27F8MM:n5Mtg+u1SzPOjf97dW

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  0cb509fd06e6f3766e03da843279c76c1f5b52ea0d6961892075764b591f0d69
- Size
  
  61KB
- MD5
  
  17756ea063e683a2fe7106ef88ee0bd0
- SHA1
  
  7647d901db3f3bace73d5ac762bff8699822d21e
- SHA256
  
  0cb509fd06e6f3766e03da843279c76c1f5b52ea0d6961892075764b591f0d69
- SHA512
  
  fd7c9c603f644e58a799a1c2b0227cc8ca54364c3f93881fe40ed3ce029239f87ecdaca93fe651209e9cc35bd06d19bd0475046c0e9a93b3b8e27a24f4c672de
- SSDEEP
  
  1536:n5hatC1zjuHeccZ1SzPvmjf97ne27F8MM:n5Mtg+u1SzPOjf97dW
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2