5d0e2419976db0ad4ba601dcd1d23d4d71ce53c3f737151481e324797d4c9bb1 | Triage

Sharing

General

Target

5d0e2419976db0ad4ba601dcd1d23d4d71ce53c3f737151481e324797d4c9bb1.exe
Size

30KB
Sample

221017-lg2tnabfbm
MD5

b4ddc526360e32c39969c1ab00b6d918
SHA1

11a58a4bf1a750adab7a18dff2ee9afda93d771a
SHA256

5d0e2419976db0ad4ba601dcd1d23d4d71ce53c3f737151481e324797d4c9bb1
SHA512

c06b7c7ac0641dc47835531528a73cb3003dac551b060935e33f546a2b5339362aa90c5c7c12ff7bf3955af78428a7a3c228a127a8cd76fbae71ee845e3bc477
SSDEEP

768:qZL/0F24lercjO4sTZg5ZLvn2IuWZ0kqSqNPWQHc:OLsF2Kerc64sTiX2IV0Dcj

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  5d0e2419976db0ad4ba601dcd1d23d4d71ce53c3f737151481e324797d4c9bb1.exe
- Size
  
  30KB
- MD5
  
  b4ddc526360e32c39969c1ab00b6d918
- SHA1
  
  11a58a4bf1a750adab7a18dff2ee9afda93d771a
- SHA256
  
  5d0e2419976db0ad4ba601dcd1d23d4d71ce53c3f737151481e324797d4c9bb1
- SHA512
  
  c06b7c7ac0641dc47835531528a73cb3003dac551b060935e33f546a2b5339362aa90c5c7c12ff7bf3955af78428a7a3c228a127a8cd76fbae71ee845e3bc477
- SSDEEP
  
  768:qZL/0F24lercjO4sTZg5ZLvn2IuWZ0kqSqNPWQHc:OLsF2Kerc64sTiX2IV0Dcj
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2