e4782f9027def25cce8bc96a7b2761599694886ea21e460fded5cbb7ed25e648 | Triage

Sharing

General

Target

e4782f9027def25cce8bc96a7b2761599694886ea21e460fded5cbb7ed25e648
Size

27KB
Sample

221107-lvqcsaadg8
MD5

20147c1f20139b546b6a46404bb1c530
SHA1

e46d76eb400ef509e09e3b646f24290c9ec61848
SHA256

e4782f9027def25cce8bc96a7b2761599694886ea21e460fded5cbb7ed25e648
SHA512

a294fbbf35ada4d7122d257e50f9a6e91386c6cd16481b28f9515a4175472a41b4821b9b89ee87271e350e9325db12d3f7a6d8812138942d6ff4b80fc0185958
SSDEEP

768:ctfFQakjSiV4/c2+L0mNvjaRziDG/jDQjjmWze1+Hc9hsta:Y0GB/L+L0mNvjaRziDG/jDQjjmWyoHct

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e4782f9027def25cce8bc96a7b2761599694886ea21e460fded5cbb7ed25e648
- Size
  
  27KB
- MD5
  
  20147c1f20139b546b6a46404bb1c530
- SHA1
  
  e46d76eb400ef509e09e3b646f24290c9ec61848
- SHA256
  
  e4782f9027def25cce8bc96a7b2761599694886ea21e460fded5cbb7ed25e648
- SHA512
  
  a294fbbf35ada4d7122d257e50f9a6e91386c6cd16481b28f9515a4175472a41b4821b9b89ee87271e350e9325db12d3f7a6d8812138942d6ff4b80fc0185958
- SSDEEP
  
  768:ctfFQakjSiV4/c2+L0mNvjaRziDG/jDQjjmWze1+Hc9hsta:Y0GB/L+L0mNvjaRziDG/jDQjjmWyoHct
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2