ff0ff899def71088c850a1050e94d962ec2452d849e43273c46b103a8a839388 | Triage

Sharing

General

Target

ff0ff899def71088c850a1050e94d962ec2452d849e43273c46b103a8a839388
Size

46KB
Sample

221123-psjn1acb24
MD5

c9a3deb22ed82d4b04ace98903eddeac
SHA1

4ff6670f31a5d0c8d48edb3394abdae6511c8aa6
SHA256

ff0ff899def71088c850a1050e94d962ec2452d849e43273c46b103a8a839388
SHA512

601f015a161cab74973bd16c696c84c2aa8066a8d85203c036a193bd2382f9d4b0de3603a2278b510808a83aa5c2e8003c64762ad3f6fd484a20218aa97c471e
SSDEEP

768:Vvfdi1f8dlZ0gEdb1fIViMJX9dilR4UO/dd5pJ2SeHaZYA0HaU0TZ+H4gzc94uNZ:9diV8PJEdblIwMJX9dibKpJaHaQ6U0Tx

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ff0ff899def71088c850a1050e94d962ec2452d849e43273c46b103a8a839388
- Size
  
  46KB
- MD5
  
  c9a3deb22ed82d4b04ace98903eddeac
- SHA1
  
  4ff6670f31a5d0c8d48edb3394abdae6511c8aa6
- SHA256
  
  ff0ff899def71088c850a1050e94d962ec2452d849e43273c46b103a8a839388
- SHA512
  
  601f015a161cab74973bd16c696c84c2aa8066a8d85203c036a193bd2382f9d4b0de3603a2278b510808a83aa5c2e8003c64762ad3f6fd484a20218aa97c471e
- SSDEEP
  
  768:Vvfdi1f8dlZ0gEdb1fIViMJX9dilR4UO/dd5pJ2SeHaZYA0HaU0TZ+H4gzc94uNZ:9diV8PJEdblIwMJX9dibKpJaHaQ6U0Tx
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2