daaa2080806a9aa60f5b34d216008f563a5b8f1e0280ee5a8242ee3e288ab414 | Triage

Sharing

General

Target

daaa2080806a9aa60f5b34d216008f563a5b8f1e0280ee5a8242ee3e288ab414
Size

802KB
Sample

221123-lt379acc85
MD5

f13de32bd797d37585860968b8959ed6
SHA1

982d4512571667789df33cee965af591071b8de2
SHA256

daaa2080806a9aa60f5b34d216008f563a5b8f1e0280ee5a8242ee3e288ab414
SHA512

31436b7f861de980f19eb08961c823a43644680a244f90c209cdac0945dba6e44aac136a0c37cba5e05717e3aae30e9e494ac9fdcbbbabfb343b40664643b704
SSDEEP

12288:LFAd2HHO/3X5eST+57A7bY2079eXz96JnBezokeC9M2:LmqM3JFTuA79Y9ckJnBezokHM

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  daaa2080806a9aa60f5b34d216008f563a5b8f1e0280ee5a8242ee3e288ab414
- Size
  
  802KB
- MD5
  
  f13de32bd797d37585860968b8959ed6
- SHA1
  
  982d4512571667789df33cee965af591071b8de2
- SHA256
  
  daaa2080806a9aa60f5b34d216008f563a5b8f1e0280ee5a8242ee3e288ab414
- SHA512
  
  31436b7f861de980f19eb08961c823a43644680a244f90c209cdac0945dba6e44aac136a0c37cba5e05717e3aae30e9e494ac9fdcbbbabfb343b40664643b704
- SSDEEP
  
  12288:LFAd2HHO/3X5eST+57A7bY2079eXz96JnBezokeC9M2:LmqM3JFTuA79Y9ckJnBezokHM
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2