216bee2365c9d0feeaf34425c656d085d86732c96406fe565b19def2e0449440 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

216bee2365c9d0feeaf34425c656d085d86732c96406fe565b19def2e0449440
Size

56KB
Sample

221019-qvrm3aaecj
MD5

82ce7d669d2021d88bdc7ea4689ab430
SHA1

bf4902eaf95185931b7751e9bdf36b6e0f780884
SHA256

216bee2365c9d0feeaf34425c656d085d86732c96406fe565b19def2e0449440
SHA512

ede2e2e5beb68f706222882b4297795a40b80745a1da13663e3166953b5b78762732dc23181c6c5fbeb221b5aacac41028b7c32e54c43ec01a2c92a30b42e8ee
SSDEEP

768:w761lCLOKpOzsG8UbdeuVtJNEf4J3c42xDqTPxQPx/86xQw/tnAxdqVdK:u6zAOKusFUbd3HzTsIx4x/cw/1A7qVd

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  216bee2365c9d0feeaf34425c656d085d86732c96406fe565b19def2e0449440
- Size
  
  56KB
- MD5
  
  82ce7d669d2021d88bdc7ea4689ab430
- SHA1
  
  bf4902eaf95185931b7751e9bdf36b6e0f780884
- SHA256
  
  216bee2365c9d0feeaf34425c656d085d86732c96406fe565b19def2e0449440
- SHA512
  
  ede2e2e5beb68f706222882b4297795a40b80745a1da13663e3166953b5b78762732dc23181c6c5fbeb221b5aacac41028b7c32e54c43ec01a2c92a30b42e8ee
- SSDEEP
  
  768:w761lCLOKpOzsG8UbdeuVtJNEf4J3c42xDqTPxQPx/86xQw/tnAxdqVdK:u6zAOKusFUbd3HzTsIx4x/cw/1A7qVd
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2