3a08fd6f31042a3e3a7c14448c589290a0003bcc84a519e8ad9e9853f52aa6c3 | Triage

Sharing

General

Target

3a08fd6f31042a3e3a7c14448c589290a0003bcc84a519e8ad9e9853f52aa6c3
Size

492KB
Sample

221125-c7ktdsfb99
MD5

a6986c0e2a4d5cc5a4bfdc681f3bc84f
SHA1

1c504c1381b0a6728bcf830c0bcf0254a38b8059
SHA256

3a08fd6f31042a3e3a7c14448c589290a0003bcc84a519e8ad9e9853f52aa6c3
SHA512

c95010c175f740612ab013af8c276d390b21ad12f78b71dbf568d70603cf37ee441c059c03d1f63ba88463b84dd912786ace74382b20ba639a02e8e5fb52d955
SSDEEP

6144:+7zp1f7p3gtzRqZqMt69NuSIoLhrOER0u+GIIIIIIIhIIIIIIIIIIIIIIIUz:+7zpt7p2zRmquY0uhhm5z

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  3a08fd6f31042a3e3a7c14448c589290a0003bcc84a519e8ad9e9853f52aa6c3
- Size
  
  492KB
- MD5
  
  a6986c0e2a4d5cc5a4bfdc681f3bc84f
- SHA1
  
  1c504c1381b0a6728bcf830c0bcf0254a38b8059
- SHA256
  
  3a08fd6f31042a3e3a7c14448c589290a0003bcc84a519e8ad9e9853f52aa6c3
- SHA512
  
  c95010c175f740612ab013af8c276d390b21ad12f78b71dbf568d70603cf37ee441c059c03d1f63ba88463b84dd912786ace74382b20ba639a02e8e5fb52d955
- SSDEEP
  
  6144:+7zp1f7p3gtzRqZqMt69NuSIoLhrOER0u+GIIIIIIIhIIIIIIIIIIIIIIIUz:+7zpt7p2zRmquY0uhhm5z
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2