e8861345662885f0b056f5046ed701ba0f5b1db3875464ec86da5bb1244a02a5 | Triage

Sharing

General

Target

e8861345662885f0b056f5046ed701ba0f5b1db3875464ec86da5bb1244a02a5
Size

202KB
Sample

221124-v5xz2shg93
MD5

acc5cc302ef1db44090ff734b6467e53
SHA1

f539e077325e8df0da44fd7caaae7755a8fc2b67
SHA256

e8861345662885f0b056f5046ed701ba0f5b1db3875464ec86da5bb1244a02a5
SHA512

5d9ad2526638c1e65c7236a94189634e77c84dd010a7776acf64e9f02a693fc398f5f2d0112b0825b70118e3bc5e2f1a61653936deab2993dc012031b0906442
SSDEEP

3072:NK4pAKaF0+xVf/qLkmpZ+rjmuHLBKeAYs5FT0nvvgJZdsVNwoCv:NlaF0uV6LkmLgmbws5FT0ngJZ6Nwoc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  e8861345662885f0b056f5046ed701ba0f5b1db3875464ec86da5bb1244a02a5
- Size
  
  202KB
- MD5
  
  acc5cc302ef1db44090ff734b6467e53
- SHA1
  
  f539e077325e8df0da44fd7caaae7755a8fc2b67
- SHA256
  
  e8861345662885f0b056f5046ed701ba0f5b1db3875464ec86da5bb1244a02a5
- SHA512
  
  5d9ad2526638c1e65c7236a94189634e77c84dd010a7776acf64e9f02a693fc398f5f2d0112b0825b70118e3bc5e2f1a61653936deab2993dc012031b0906442
- SSDEEP
  
  3072:NK4pAKaF0+xVf/qLkmpZ+rjmuHLBKeAYs5FT0nvvgJZdsVNwoCv:NlaF0uV6LkmLgmbws5FT0ngJZ6Nwoc
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2