6fa39f26d16654c5b7799bf9c7a24a6435c9f66dd95dabf4e7c43fdfd08ada07 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fa39f26d16654c5b7799bf9c7a24a6435c9f66dd95dabf4e7c43fdfd08ada07
Size

1.0MB
Sample

221030-p15lfabce4
MD5

83ba08ca2969a4074164cfd34dcf8aeb
SHA1

f04043a1cb288b9017bc1925d9dd24d25a1e8587
SHA256

6fa39f26d16654c5b7799bf9c7a24a6435c9f66dd95dabf4e7c43fdfd08ada07
SHA512

3174e7e355225f7e8071f44d0c0a2f977ceedfec7b30d6dda3cdce28ea6bcb990fed846a4d4707e259102e686a63f50af5dc258b4692e3b7cdb98dc966d78268
SSDEEP

24576:n7abJkS1S6qy18sQBX6c+5vP5UCben8Fg:7fS1b7Cw3bCCg

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  6fa39f26d16654c5b7799bf9c7a24a6435c9f66dd95dabf4e7c43fdfd08ada07
- Size
  
  1.0MB
- MD5
  
  83ba08ca2969a4074164cfd34dcf8aeb
- SHA1
  
  f04043a1cb288b9017bc1925d9dd24d25a1e8587
- SHA256
  
  6fa39f26d16654c5b7799bf9c7a24a6435c9f66dd95dabf4e7c43fdfd08ada07
- SHA512
  
  3174e7e355225f7e8071f44d0c0a2f977ceedfec7b30d6dda3cdce28ea6bcb990fed846a4d4707e259102e686a63f50af5dc258b4692e3b7cdb98dc966d78268
- SSDEEP
  
  24576:n7abJkS1S6qy18sQBX6c+5vP5UCben8Fg:7fS1b7Cw3bCCg
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2