d87d8843c37984ca6d438f6739796020ac454d41632cf62bd1c79572a84c3625 | Triage

Sharing

General

Target

d87d8843c37984ca6d438f6739796020ac454d41632cf62bd1c79572a84c3625
Size

118KB
Sample

221123-k3xamade2t
MD5

0a84ac9f13391bb7954a24c94e5ac5dd
SHA1

3a372065a70ab1f739957968d8a719dea66d0a7e
SHA256

d87d8843c37984ca6d438f6739796020ac454d41632cf62bd1c79572a84c3625
SHA512

df4e0e7511d10d6260e41b2e0ee67e9eba5f420a593406df004918c82256fe57f4902ad580b09052f5178a08de6541f3553797c9bc2f54b1024c2b540888d0f4
SSDEEP

768:D01gRvMdlyGaxJQbew1IQqrzW5LZMQfjZ89jDJKnMQX5:D02qd9axJsFxDjZ893wnFp

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d87d8843c37984ca6d438f6739796020ac454d41632cf62bd1c79572a84c3625
- Size
  
  118KB
- MD5
  
  0a84ac9f13391bb7954a24c94e5ac5dd
- SHA1
  
  3a372065a70ab1f739957968d8a719dea66d0a7e
- SHA256
  
  d87d8843c37984ca6d438f6739796020ac454d41632cf62bd1c79572a84c3625
- SHA512
  
  df4e0e7511d10d6260e41b2e0ee67e9eba5f420a593406df004918c82256fe57f4902ad580b09052f5178a08de6541f3553797c9bc2f54b1024c2b540888d0f4
- SSDEEP
  
  768:D01gRvMdlyGaxJQbew1IQqrzW5LZMQfjZ89jDJKnMQX5:D02qd9axJsFxDjZ893wnFp
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2