873498869229bca668b18e8a51e1ae70429d390e3f7a557a4631300b380e5e13 | Triage

Sharing

General

Target

873498869229bca668b18e8a51e1ae70429d390e3f7a557a4631300b380e5e13
Size

4.1MB
Sample

221124-eq2rpabd9s
MD5

3b066172576b44ce0dd4b3e8fd18e45f
SHA1

786380b7ea80726bf05541f6763e1aa3a7d2a928
SHA256

873498869229bca668b18e8a51e1ae70429d390e3f7a557a4631300b380e5e13
SHA512

095c0effa372a85c32cb8ef332aff46e924078e9a668c9428a2ba8f18b27078e85c063f402ad110461fba9c7463524a48f6531bea01173ba66a702e157ae9f81
SSDEEP

98304:AyWG9XDKpfBi8x3Ytva4/qn9qUYiWN7li80QttghDj:zWqXD6fBvada4/UMpHE

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  873498869229bca668b18e8a51e1ae70429d390e3f7a557a4631300b380e5e13
- Size
  
  4.1MB
- MD5
  
  3b066172576b44ce0dd4b3e8fd18e45f
- SHA1
  
  786380b7ea80726bf05541f6763e1aa3a7d2a928
- SHA256
  
  873498869229bca668b18e8a51e1ae70429d390e3f7a557a4631300b380e5e13
- SHA512
  
  095c0effa372a85c32cb8ef332aff46e924078e9a668c9428a2ba8f18b27078e85c063f402ad110461fba9c7463524a48f6531bea01173ba66a702e157ae9f81
- SSDEEP
  
  98304:AyWG9XDKpfBi8x3Ytva4/qn9qUYiWN7li80QttghDj:zWqXD6fBvada4/UMpHE
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2