07a7daa188009040241d8ffcc0e9f760c30dae7599fbe12e7df755623d7a74d6 | Triage

Sharing

General

Target

07a7daa188009040241d8ffcc0e9f760c30dae7599fbe12e7df755623d7a74d6
Size

97KB
Sample

221123-lryvracb38
MD5

e3224603fe2aaaec7a274c5d55252a04
SHA1

8e815fc7e307485fa34e12f4f8e408bb10ea23dd
SHA256

07a7daa188009040241d8ffcc0e9f760c30dae7599fbe12e7df755623d7a74d6
SHA512

f01581ffebbde05c11de55d500b41c6129bbaa1134bbb22869ed160c9883cc40f2d9513b58e4fc5380ab05b73791477e9c496f499ca7b35ecbe928d7cda69fda
SSDEEP

1536:Q2QVxKF03OXuK9s7/sEguuULsN3rhZurqODNrrQYey6iexQ1q2rTAmjq8cMGL:DYjyuKWgEgQIhCDnQY8nxQ1BrUSqVMM

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  07a7daa188009040241d8ffcc0e9f760c30dae7599fbe12e7df755623d7a74d6
- Size
  
  97KB
- MD5
  
  e3224603fe2aaaec7a274c5d55252a04
- SHA1
  
  8e815fc7e307485fa34e12f4f8e408bb10ea23dd
- SHA256
  
  07a7daa188009040241d8ffcc0e9f760c30dae7599fbe12e7df755623d7a74d6
- SHA512
  
  f01581ffebbde05c11de55d500b41c6129bbaa1134bbb22869ed160c9883cc40f2d9513b58e4fc5380ab05b73791477e9c496f499ca7b35ecbe928d7cda69fda
- SSDEEP
  
  1536:Q2QVxKF03OXuK9s7/sEguuULsN3rhZurqODNrrQYey6iexQ1q2rTAmjq8cMGL:DYjyuKWgEgQIhCDnQY8nxQ1BrUSqVMM
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Sets service image path in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2