40d74e45733059440a946132333b6cd11e7a171f6d7288b07a7cdde04510b215 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40d74e45733059440a946132333b6cd11e7a171f6d7288b07a7cdde04510b215
Size

32KB
Sample

221029-2qvdyaadd4
MD5

5019be7d92b5592fc337ff4df27a2cd0
SHA1

8a676e6f6e18c8278cf1248b8b826d9e2727d1d5
SHA256

40d74e45733059440a946132333b6cd11e7a171f6d7288b07a7cdde04510b215
SHA512

aed31187087c408fccc5174d184458451e23ca74de4c19b559572c5b601020d07f1a8e45a1a70922b7ce6014403171c769b02f113ec992c4c62eadbd8a5176b4
SSDEEP

384:6ygqBKRO1pb5s4VmW8qaMrn7GPWZzS5jL1WwKg58:6QzbiqaMr8WhYjL1WpgW

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  40d74e45733059440a946132333b6cd11e7a171f6d7288b07a7cdde04510b215
- Size
  
  32KB
- MD5
  
  5019be7d92b5592fc337ff4df27a2cd0
- SHA1
  
  8a676e6f6e18c8278cf1248b8b826d9e2727d1d5
- SHA256
  
  40d74e45733059440a946132333b6cd11e7a171f6d7288b07a7cdde04510b215
- SHA512
  
  aed31187087c408fccc5174d184458451e23ca74de4c19b559572c5b601020d07f1a8e45a1a70922b7ce6014403171c769b02f113ec992c4c62eadbd8a5176b4
- SSDEEP
  
  384:6ygqBKRO1pb5s4VmW8qaMrn7GPWZzS5jL1WwKg58:6QzbiqaMr8WhYjL1WpgW
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2