a8bfd495c04bd056215fcba7458a23658d3777d7a85cffe47c30d74f27174a92 | Triage

Sharing

General

Target

a8bfd495c04bd056215fcba7458a23658d3777d7a85cffe47c30d74f27174a92
Size

108KB
Sample

221123-qqbq2see77
MD5

4403f1b89f7efe612f2ac629802cf5cf
SHA1

8f278ce6e2e5f78622975aa174752f510ac2b1b8
SHA256

a8bfd495c04bd056215fcba7458a23658d3777d7a85cffe47c30d74f27174a92
SHA512

d4e3c5995c760a176369cd9123ee29f405dd3a84bdc00b501164a26b9151041ace2e2db89c84b47a63c5a2d43ab76cbedcc43525af037fdfbde68bd418ecb8a1
SSDEEP

1536:Ri8nD11E3mmN/BZ0lpY8bPfMGPckF+MGexDRdLBjTgyP5xp9alGD7OP96nCE2NBz:RdBe3mmN/BLDGPwMfDRP4yPp9bOwnds

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a8bfd495c04bd056215fcba7458a23658d3777d7a85cffe47c30d74f27174a92
- Size
  
  108KB
- MD5
  
  4403f1b89f7efe612f2ac629802cf5cf
- SHA1
  
  8f278ce6e2e5f78622975aa174752f510ac2b1b8
- SHA256
  
  a8bfd495c04bd056215fcba7458a23658d3777d7a85cffe47c30d74f27174a92
- SHA512
  
  d4e3c5995c760a176369cd9123ee29f405dd3a84bdc00b501164a26b9151041ace2e2db89c84b47a63c5a2d43ab76cbedcc43525af037fdfbde68bd418ecb8a1
- SSDEEP
  
  1536:Ri8nD11E3mmN/BZ0lpY8bPfMGPckF+MGexDRdLBjTgyP5xp9alGD7OP96nCE2NBz:RdBe3mmN/BLDGPwMfDRP4yPp9bOwnds
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2