38aed7b78f01e9f72f446e481fea6cb2998cfb42891c94ec0a84a679217ea472 | Triage

Sharing

General

Target

38aed7b78f01e9f72f446e481fea6cb2998cfb42891c94ec0a84a679217ea472
Size

104KB
Sample

221107-1ephwacgdq
MD5

012d5480375178478f554b1e43f833f6
SHA1

55a7ef83e047b769979d0deeefca3c48a50c1e31
SHA256

38aed7b78f01e9f72f446e481fea6cb2998cfb42891c94ec0a84a679217ea472
SHA512

d77e9ff91922fe4f3849375b3350a16d7d143370246873cba1ef62bc10e692ac5a108ae516734ffcb5b45c3f7eb41e16a8399774e9cae651a1025f9e07de7c0a
SSDEEP

384:apoCD4CTj3LDc6cZo11k4oh8Gi3umI7PkvvGd2Z6cp8thFKgMLW7FJDlKNAUlDnF:2DZTj7DcHe01re8XFjk+sx9E6yPjseA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  38aed7b78f01e9f72f446e481fea6cb2998cfb42891c94ec0a84a679217ea472
- Size
  
  104KB
- MD5
  
  012d5480375178478f554b1e43f833f6
- SHA1
  
  55a7ef83e047b769979d0deeefca3c48a50c1e31
- SHA256
  
  38aed7b78f01e9f72f446e481fea6cb2998cfb42891c94ec0a84a679217ea472
- SHA512
  
  d77e9ff91922fe4f3849375b3350a16d7d143370246873cba1ef62bc10e692ac5a108ae516734ffcb5b45c3f7eb41e16a8399774e9cae651a1025f9e07de7c0a
- SSDEEP
  
  384:apoCD4CTj3LDc6cZo11k4oh8Gi3umI7PkvvGd2Z6cp8thFKgMLW7FJDlKNAUlDnF:2DZTj7DcHe01re8XFjk+sx9E6yPjseA
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2