1e5ce4ddfa7793e18a67643da5a96bd78f97e6ac39b3732a268f3d7b6d97284f | Triage

Sharing

General

Target

1e5ce4ddfa7793e18a67643da5a96bd78f97e6ac39b3732a268f3d7b6d97284f
Size

37KB
Sample

221107-rdy69adbdl
MD5

13031c03e44aa49af3ec9f7dcb51d166
SHA1

25bedd69ca5c5d2a0028e9d29913494bab061b43
SHA256

1e5ce4ddfa7793e18a67643da5a96bd78f97e6ac39b3732a268f3d7b6d97284f
SHA512

4a050fc2ad3082d075bcb319f29cbd84e120aa9409cc82f2191e9f5b82d66eaa999dcf4ae1859b8873e102baf8c4f2c80cc451c4b8cb48d95bf30a49628df475
SSDEEP

768:bd3nmmRmzIZmhNFsIXDkOt8vqpTsep5nFnUiFJzua6rwq:JnmmRmzu0NFPXD+vq1p5nFnUiFh6rb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  1e5ce4ddfa7793e18a67643da5a96bd78f97e6ac39b3732a268f3d7b6d97284f
- Size
  
  37KB
- MD5
  
  13031c03e44aa49af3ec9f7dcb51d166
- SHA1
  
  25bedd69ca5c5d2a0028e9d29913494bab061b43
- SHA256
  
  1e5ce4ddfa7793e18a67643da5a96bd78f97e6ac39b3732a268f3d7b6d97284f
- SHA512
  
  4a050fc2ad3082d075bcb319f29cbd84e120aa9409cc82f2191e9f5b82d66eaa999dcf4ae1859b8873e102baf8c4f2c80cc451c4b8cb48d95bf30a49628df475
- SSDEEP
  
  768:bd3nmmRmzIZmhNFsIXDkOt8vqpTsep5nFnUiFJzua6rwq:JnmmRmzu0NFPXD+vq1p5nFnUiFh6rb
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2