c983de3543428e7a63be60309afadb2ff32d1b52f82b8bd70c504346add58e32 | Triage

Sharing

General

Target

c983de3543428e7a63be60309afadb2ff32d1b52f82b8bd70c504346add58e32
Size

226KB
Sample

221124-x1h2fadf67
MD5

c9bf7ea577aefa16295c173cd5cd8004
SHA1

8401e5697a1f9a121f6f7fb79936e6d569cb399d
SHA256

c983de3543428e7a63be60309afadb2ff32d1b52f82b8bd70c504346add58e32
SHA512

460fe7b616b27e15b8bf7974c6c79eb64282b686e39cdc75d2b31085b7b9e0cc4863a2677e42780fee0bc95542bc8cbd11434b68119900569a468e8c33017372
SSDEEP

3072:39eHdrLqXYpxLnmVHs67aaaaaaiWiLwsfsQjGClriILIL2nbBB5rA42hLUrvM6kA:39MdrLqXYpxL5WiJUZZ2BrA4XOjk

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c983de3543428e7a63be60309afadb2ff32d1b52f82b8bd70c504346add58e32
- Size
  
  226KB
- MD5
  
  c9bf7ea577aefa16295c173cd5cd8004
- SHA1
  
  8401e5697a1f9a121f6f7fb79936e6d569cb399d
- SHA256
  
  c983de3543428e7a63be60309afadb2ff32d1b52f82b8bd70c504346add58e32
- SHA512
  
  460fe7b616b27e15b8bf7974c6c79eb64282b686e39cdc75d2b31085b7b9e0cc4863a2677e42780fee0bc95542bc8cbd11434b68119900569a468e8c33017372
- SSDEEP
  
  3072:39eHdrLqXYpxLnmVHs67aaaaaaiWiLwsfsQjGClriILIL2nbBB5rA42hLUrvM6kA:39MdrLqXYpxL5WiJUZZ2BrA4XOjk
Score

8^/10

persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2