60abd754a0f0862a910c94ba97cc47775305b946117abaaad740f21a24bda758 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60abd754a0f0862a910c94ba97cc47775305b946117abaaad740f21a24bda758
Size

64KB
Sample

221030-zr5j7aaee6
MD5

9212076475e4630b6d0c8ba9aeb4c925
SHA1

5342d84978a9c294a74b8ad6531a397fb1c4069e
SHA256

60abd754a0f0862a910c94ba97cc47775305b946117abaaad740f21a24bda758
SHA512

6545b67d1c51dd77d7e77cb96cd52edcfdf9eb6c9b633c51caec1aa4e940a63c301d18e140c057f7685370214494fa3a2e3ea3042c46836489df778d6b83f49c
SSDEEP

768:zaqPPDcHe0gmiPXrJkbu48FJXWLXrF1a/dhUyJkvoiHA9ezyWpv5/6l5Tx7:zdbYeciP7JkbuZGX/azvkv2wX5qTl

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  60abd754a0f0862a910c94ba97cc47775305b946117abaaad740f21a24bda758
- Size
  
  64KB
- MD5
  
  9212076475e4630b6d0c8ba9aeb4c925
- SHA1
  
  5342d84978a9c294a74b8ad6531a397fb1c4069e
- SHA256
  
  60abd754a0f0862a910c94ba97cc47775305b946117abaaad740f21a24bda758
- SHA512
  
  6545b67d1c51dd77d7e77cb96cd52edcfdf9eb6c9b633c51caec1aa4e940a63c301d18e140c057f7685370214494fa3a2e3ea3042c46836489df778d6b83f49c
- SSDEEP
  
  768:zaqPPDcHe0gmiPXrJkbu48FJXWLXrF1a/dhUyJkvoiHA9ezyWpv5/6l5Tx7:zdbYeciP7JkbuZGX/azvkv2wX5qTl
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2