2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2 | Triage

Sharing

General

Target

2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2
Size

1.3MB
Sample

221124-ggfh7sfe8v
MD5

a1bda40c59fd27a982da6e38712d0f0a
SHA1

8b67c4ae2806d9a68a4471687bb05e69a639340a
SHA256

2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2
SHA512

6362eb6e0745ee7d059974d1eadd1ffb31599f43a96cc57bd4c2f285e2db2f0fc28befadb964333cb892325db2314be8689faf62c56273a4590e9e5b2965ca1f
SSDEEP

24576:116ATdlcMtqmaK5T4ddwIetMYVYzgKSzu8eYIIhGlAxhiYtoXFitA4oQu4omQ0:116AplhtZR5CwIjYMzSzu8eYI8GlAxhN

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2
- Size
  
  1.3MB
- MD5
  
  a1bda40c59fd27a982da6e38712d0f0a
- SHA1
  
  8b67c4ae2806d9a68a4471687bb05e69a639340a
- SHA256
  
  2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2
- SHA512
  
  6362eb6e0745ee7d059974d1eadd1ffb31599f43a96cc57bd4c2f285e2db2f0fc28befadb964333cb892325db2314be8689faf62c56273a4590e9e5b2965ca1f
- SSDEEP
  
  24576:116ATdlcMtqmaK5T4ddwIetMYVYzgKSzu8eYIIhGlAxhiYtoXFitA4oQu4omQ0:116AplhtZR5CwIjYMzSzu8eYI8GlAxhN
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2