b9814a1412b8e75a3ad2cc20ceb8fb29481083abdc68eed89cc0f16c16d30edb | Triage

Sharing

General

Target

malware100
Size

310KB
Sample

221106-mw6a3aafbp
MD5

2413479832b9b9321256acf0fce95d57
SHA1

461e4d216541030229f5dfa682abd484b99a1c6c
SHA256

b9814a1412b8e75a3ad2cc20ceb8fb29481083abdc68eed89cc0f16c16d30edb
SHA512

5ad47558a002536295cb910109c12171312db0f9e24cb17ac9aab7a3c0715ae3ae095f9c4a77a66a5dc2e16ce4479a4f21174b0001608422cdaa22506922f91c
SSDEEP

6144:8cqoSgQc51P9A50S+F6uDbF9ayNfwNlPoaJUGUgNMEM9Ms5lfp4a:8FoS+1HS+F6ULP6SaJBDNMEeMxa

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  malware100
- Size
  
  310KB
- MD5
  
  2413479832b9b9321256acf0fce95d57
- SHA1
  
  461e4d216541030229f5dfa682abd484b99a1c6c
- SHA256
  
  b9814a1412b8e75a3ad2cc20ceb8fb29481083abdc68eed89cc0f16c16d30edb
- SHA512
  
  5ad47558a002536295cb910109c12171312db0f9e24cb17ac9aab7a3c0715ae3ae095f9c4a77a66a5dc2e16ce4479a4f21174b0001608422cdaa22506922f91c
- SSDEEP
  
  6144:8cqoSgQc51P9A50S+F6uDbF9ayNfwNlPoaJUGUgNMEM9Ms5lfp4a:8FoS+1HS+F6ULP6SaJBDNMEeMxa
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2