c6d579cfbc94d5f340765ceeb3e3cae5e8715aa0a673952f9e22d17e0916e748 | Triage

Sharing

General

Target

Trojan-Ransom.Win32.Blocker.dila-c6d579cfbc94d5f340765ceeb3e3cae5e8715aa0a673952f9e22d17e0916e748
Size

340KB
Sample

221106-vn2xnsegcm
MD5

27e61de8159a6375fb130af6a542fac2
SHA1

e5231229565a41328bb926728d10c7eb6804c9b6
SHA256

c6d579cfbc94d5f340765ceeb3e3cae5e8715aa0a673952f9e22d17e0916e748
SHA512

d188545f54d566c51b5fe11a285f0d335846d065b095b6e7669d984d1bebe36235e786e090571b9443680b8e74b5064fc6087230d3b38bb7138391793b268a6a
SSDEEP

6144:9KCbH1+U3oT6rhzUFN1HscoK1QBpm4Z48YaU3jD8VE40gqRd9DL:9b3O9FscoVLj48YaU3AEqcdV

Score

8^/10

aspackv2 persistence

Malware Config

Targets

- Target
  
  Trojan-Ransom.Win32.Blocker.dila-c6d579cfbc94d5f340765ceeb3e3cae5e8715aa0a673952f9e22d17e0916e748
- Size
  
  340KB
- MD5
  
  27e61de8159a6375fb130af6a542fac2
- SHA1
  
  e5231229565a41328bb926728d10c7eb6804c9b6
- SHA256
  
  c6d579cfbc94d5f340765ceeb3e3cae5e8715aa0a673952f9e22d17e0916e748
- SHA512
  
  d188545f54d566c51b5fe11a285f0d335846d065b095b6e7669d984d1bebe36235e786e090571b9443680b8e74b5064fc6087230d3b38bb7138391793b268a6a
- SSDEEP
  
  6144:9KCbH1+U3oT6rhzUFN1HscoK1QBpm4Z48YaU3jD8VE40gqRd9DL:9b3O9FscoVLj48YaU3AEqcdV
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2