3029ffb49590060fbd8dec845e6011cdfd4693f0064fe679d2d47d904b718055 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3029ffb49590060fbd8dec845e6011cdfd4693f0064fe679d2d47d904b718055
Size

85KB
Sample

221029-ypdg9acge3
MD5

48ca6e8c17ddf6ed9541c1749bdba41d
SHA1

6e3c8f75d2bc4779aabf13e72644af71b16dc44c
SHA256

3029ffb49590060fbd8dec845e6011cdfd4693f0064fe679d2d47d904b718055
SHA512

0f300ee12a9471387b595612888a7419537d66a9822b7ffe22dcc62393064d3b294c7cfa9790b6c3f449d0fe59d906f7e1098209ea3ae16e6adbe44ecfa83821
SSDEEP

1536:EGLSNZSOyF90ewor4ZXkl3CkxRpliHyPm:Luty0fVxIywiS

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3029ffb49590060fbd8dec845e6011cdfd4693f0064fe679d2d47d904b718055
- Size
  
  85KB
- MD5
  
  48ca6e8c17ddf6ed9541c1749bdba41d
- SHA1
  
  6e3c8f75d2bc4779aabf13e72644af71b16dc44c
- SHA256
  
  3029ffb49590060fbd8dec845e6011cdfd4693f0064fe679d2d47d904b718055
- SHA512
  
  0f300ee12a9471387b595612888a7419537d66a9822b7ffe22dcc62393064d3b294c7cfa9790b6c3f449d0fe59d906f7e1098209ea3ae16e6adbe44ecfa83821
- SSDEEP
  
  1536:EGLSNZSOyF90ewor4ZXkl3CkxRpliHyPm:Luty0fVxIywiS
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2