ad55f2bd3b19f725fb53e4dd13c80936dfbb2d8a14a7327d29b19ceb7cc61ef2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad55f2bd3b19f725fb53e4dd13c80936dfbb2d8a14a7327d29b19ceb7cc61ef2
Size

145KB
Sample

221106-1lqdracha3
MD5

0e61bcd8d38578b68186f146914e92e0
SHA1

3ee7770f9a8e0c6c4a962659baa3082097fafcbc
SHA256

ad55f2bd3b19f725fb53e4dd13c80936dfbb2d8a14a7327d29b19ceb7cc61ef2
SHA512

1ba1abe81b25c6be41a198cf7b7ba76a9705da4e2f7d318d33cd85348a37fb6596464a9e5ca3dc40686f16101d8c2b7329cb5066c86a4fc8760e27b7c1c1b66d
SSDEEP

3072:Mae+scKB6+j2KkErn71HXeUg7wlT0uawqoNLboIVcjb8lERGl:lsjSKkqTgya8J

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ad55f2bd3b19f725fb53e4dd13c80936dfbb2d8a14a7327d29b19ceb7cc61ef2
- Size
  
  145KB
- MD5
  
  0e61bcd8d38578b68186f146914e92e0
- SHA1
  
  3ee7770f9a8e0c6c4a962659baa3082097fafcbc
- SHA256
  
  ad55f2bd3b19f725fb53e4dd13c80936dfbb2d8a14a7327d29b19ceb7cc61ef2
- SHA512
  
  1ba1abe81b25c6be41a198cf7b7ba76a9705da4e2f7d318d33cd85348a37fb6596464a9e5ca3dc40686f16101d8c2b7329cb5066c86a4fc8760e27b7c1c1b66d
- SSDEEP
  
  3072:Mae+scKB6+j2KkErn71HXeUg7wlT0uawqoNLboIVcjb8lERGl:lsjSKkqTgya8J
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2