defd5592e80cc165b141813b398a2222b55551307bdc16f7e7e2aa51c4e641c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

defd5592e80cc165b141813b398a2222b55551307bdc16f7e7e2aa51c4e641c5
Size

6.1MB
Sample

221124-jfe76aca8v
MD5

965c5e59b5c985c582448c716a4c342c
SHA1

3f49e43a524ca2674f7ee68891a7cb5b59463537
SHA256

defd5592e80cc165b141813b398a2222b55551307bdc16f7e7e2aa51c4e641c5
SHA512

f5b422825831ad08c72b8a48ca3a8d063aab5933de5869d38974fc38b88214b444a3eb38f9a1cdf369e6972b49eface604c1368c0a526e38e398445668f38a9a
SSDEEP

196608:eukk4kHbBHTnqjazxMBC9YXsBgBXiToQL7:HkkFb5nTtM8ucBgxYoQH

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  defd5592e80cc165b141813b398a2222b55551307bdc16f7e7e2aa51c4e641c5
- Size
  
  6.1MB
- MD5
  
  965c5e59b5c985c582448c716a4c342c
- SHA1
  
  3f49e43a524ca2674f7ee68891a7cb5b59463537
- SHA256
  
  defd5592e80cc165b141813b398a2222b55551307bdc16f7e7e2aa51c4e641c5
- SHA512
  
  f5b422825831ad08c72b8a48ca3a8d063aab5933de5869d38974fc38b88214b444a3eb38f9a1cdf369e6972b49eface604c1368c0a526e38e398445668f38a9a
- SSDEEP
  
  196608:eukk4kHbBHTnqjazxMBC9YXsBgBXiToQL7:HkkFb5nTtM8ucBgxYoQH
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2