47d7ce255f28ef8cc845d39c4723551c714a38803954bfb56426d7299e27c179 | Triage

Sharing

General

Target

47d7ce255f28ef8cc845d39c4723551c714a38803954bfb56426d7299e27c179
Size

1.8MB
Sample

221030-avarjseccq
MD5

93b6742c20591f034168ed011ee95ccc
SHA1

d75ca95c465842f63824430504619ebbf0e2a766
SHA256

47d7ce255f28ef8cc845d39c4723551c714a38803954bfb56426d7299e27c179
SHA512

ce710556a54c3dc28ebabc5e37b3d1a9dacf26a8b70397b7a6f7872822264f360e7ca76b42571cca0123a03f173c8256a9edd983792e0d1bebfd4d7a7c81e95d
SSDEEP

49152:vUbqTpTbGPJWf7Pza/oy2bPTiti4p8p0mJ:HTbKO6g3bb2r85

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  47d7ce255f28ef8cc845d39c4723551c714a38803954bfb56426d7299e27c179
- Size
  
  1.8MB
- MD5
  
  93b6742c20591f034168ed011ee95ccc
- SHA1
  
  d75ca95c465842f63824430504619ebbf0e2a766
- SHA256
  
  47d7ce255f28ef8cc845d39c4723551c714a38803954bfb56426d7299e27c179
- SHA512
  
  ce710556a54c3dc28ebabc5e37b3d1a9dacf26a8b70397b7a6f7872822264f360e7ca76b42571cca0123a03f173c8256a9edd983792e0d1bebfd4d7a7c81e95d
- SSDEEP
  
  49152:vUbqTpTbGPJWf7Pza/oy2bPTiti4p8p0mJ:HTbKO6g3bb2r85
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2