201d6cee594f4b4fb7445b7d65d79ec6574ce56463e76e5a4574b4d5ec264542 | Triage

Submit
Reports

Overview

overview

7

Static

static

5

201d6cee59...42.exe

windows7-x64

7

201d6cee59...42.exe

windows10-2004-x64

7

Sharing

General

Target

201d6cee594f4b4fb7445b7d65d79ec6574ce56463e76e5a4574b4d5ec264542
Size

723KB
Sample

221123-lj9maafa5x
MD5

bdb6a69ae23569a7dfb3259fefde14a5
SHA1

b0d24b8a75ea8ff8e22a1ff4e7fa2dea4e4f2749
SHA256

201d6cee594f4b4fb7445b7d65d79ec6574ce56463e76e5a4574b4d5ec264542
SHA512

3f26af94b584121d133216709653d3ee7495e67debb78fc569dd12149c3fde277e3a853464feea81bd113d324d8767948946844134396f90b7bf89b0a119e908
SSDEEP

12288:ERBk7MpC7tYR4eYLEkiw4PKEgOHS1ZBvKEjGbCAlLxgajRy9hH:EFQeYLbKKEPS1bvKE2JCajRUH

Score

7^/10

persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

201d6cee594f4b4fb7445b7d65d79ec6574ce56463e76e5a4574b4d5ec264542.exe

Resource

win7-20221111-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

201d6cee594f4b4fb7445b7d65d79ec6574ce56463e76e5a4574b4d5ec264542.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  201d6cee594f4b4fb7445b7d65d79ec6574ce56463e76e5a4574b4d5ec264542
- Size
  
  723KB
- MD5
  
  bdb6a69ae23569a7dfb3259fefde14a5
- SHA1
  
  b0d24b8a75ea8ff8e22a1ff4e7fa2dea4e4f2749
- SHA256
  
  201d6cee594f4b4fb7445b7d65d79ec6574ce56463e76e5a4574b4d5ec264542
- SHA512
  
  3f26af94b584121d133216709653d3ee7495e67debb78fc569dd12149c3fde277e3a853464feea81bd113d324d8767948946844134396f90b7bf89b0a119e908
- SSDEEP
  
  12288:ERBk7MpC7tYR4eYLEkiw4PKEgOHS1ZBvKEjGbCAlLxgajRy9hH:EFQeYLbKKEPS1bvKE2JCajRUH
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy