655bcf34ba2ecf068a34c806935b85b3ea587f7774664feb5a23909489b2a488 | Triage

Sharing

General

Target

655bcf34ba2ecf068a34c806935b85b3ea587f7774664feb5a23909489b2a488
Size

922KB
Sample

221124-j2753aaf76
MD5

6e3d1f2265806a7e68ed68fab72b4025
SHA1

0c6a51bd908a501fc2f8d5c9c3717a32afecd0e1
SHA256

655bcf34ba2ecf068a34c806935b85b3ea587f7774664feb5a23909489b2a488
SHA512

8c046f7b2c3500f6b710028992721c0e51b33306834021fdff2466bf8fa01e579f82bd50f138ffc8a2ce579f691f0d0f62a1c781ac198c4a1447af3bada953e7
SSDEEP

24576:I1kAm3fGdwZC0G4zE7Gn0mGmHSvad2GNKADX1ADdi:wkAQ++ZC0G4zE7GFG7CnNV1ADdi

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  DCN_PRO_FREE_5_11_2557.exe
- Size
  
  935KB
- MD5
  
  499f9f1ef96f7ceaff8822a219e2d721
- SHA1
  
  a653e05a45f9f47651af89e34b1f856dbde82820
- SHA256
  
  35424f2a7588880cd318c667729b0217fa8ae592accef251b9713a396ed653a2
- SHA512
  
  d0e1aab02508455afb453feb0e9e940d107951e4de30a27c00b12c188d0446b34adf985310822e46d6a5b625930881cc7750c66876e96d30f818ffd3c098e5f5
- SSDEEP
  
  12288:ELnhM2vZsZ2NDSgB/ZVL5WxewJB6LOgPe2ubegiUAyNiRnj17+o7QLZrvXxNcs:E6WZsgVSqxVLEewn6PPSribR7+hNTXB
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2