7cfdb8a1d766649af4386d8e4af0a1fa60b4b9e3991498116c6a5eacff2b795d | Triage

Sharing

General

Target

7cfdb8a1d766649af4386d8e4af0a1fa60b4b9e3991498116c6a5eacff2b795d
Size

163KB
Sample

221123-sz8s9afg5w
MD5

3871f1f017026b6c6a439902213712cf
SHA1

a664f294c49d184122877046e26c1487fc595dff
SHA256

7cfdb8a1d766649af4386d8e4af0a1fa60b4b9e3991498116c6a5eacff2b795d
SHA512

52db4fd141c5369b92757f2e9b2bef38e5b29e1ddd922cd2651deae215c7dc6608eec73ad56f75d1703e91165866ee5f3a73b3f8c11db3652322fc3854043f0f
SSDEEP

3072:Bz+92mhTMMJ/cPiq5bVin8/e6UN1U/FdcuAC/Qjk+cT:Bz+92mhAMJ/cPl3i8/tUN1nuAC/aS

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  7cfdb8a1d766649af4386d8e4af0a1fa60b4b9e3991498116c6a5eacff2b795d
- Size
  
  163KB
- MD5
  
  3871f1f017026b6c6a439902213712cf
- SHA1
  
  a664f294c49d184122877046e26c1487fc595dff
- SHA256
  
  7cfdb8a1d766649af4386d8e4af0a1fa60b4b9e3991498116c6a5eacff2b795d
- SHA512
  
  52db4fd141c5369b92757f2e9b2bef38e5b29e1ddd922cd2651deae215c7dc6608eec73ad56f75d1703e91165866ee5f3a73b3f8c11db3652322fc3854043f0f
- SSDEEP
  
  3072:Bz+92mhTMMJ/cPiq5bVin8/e6UN1U/FdcuAC/Qjk+cT:Bz+92mhAMJ/cPl3i8/tUN1nuAC/aS
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2