208a692e9244d8f541651eb4b1e01b30cbbaec3c604dc66e527c4c5055d50733 | Triage

Sharing

General

Target

208a692e9244d8f541651eb4b1e01b30cbbaec3c604dc66e527c4c5055d50733
Size

49KB
Sample

221125-ek6hpadf4v
MD5

042684e97b7cf5b84a3e78daa52aaa50
SHA1

e847185be92aa176536b0d6f807c8467bbcce2ab
SHA256

208a692e9244d8f541651eb4b1e01b30cbbaec3c604dc66e527c4c5055d50733
SHA512

432dd6ae26fa249e7442409f9376e8bb3fcec98e3830212f89387101bcd882d154ef767c570ccc78c523aeaa9d41ee2e186ce7feb8599aa4cffe25c2dbde2669
SSDEEP

768:QQPhPRtXHnscj7H5ThHv62cCjvHubO3JS2vPxWf8CPVrlO/To:Q4PRtdj7H59S2nvqKJ3u8+rlO8

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  208a692e9244d8f541651eb4b1e01b30cbbaec3c604dc66e527c4c5055d50733
- Size
  
  49KB
- MD5
  
  042684e97b7cf5b84a3e78daa52aaa50
- SHA1
  
  e847185be92aa176536b0d6f807c8467bbcce2ab
- SHA256
  
  208a692e9244d8f541651eb4b1e01b30cbbaec3c604dc66e527c4c5055d50733
- SHA512
  
  432dd6ae26fa249e7442409f9376e8bb3fcec98e3830212f89387101bcd882d154ef767c570ccc78c523aeaa9d41ee2e186ce7feb8599aa4cffe25c2dbde2669
- SSDEEP
  
  768:QQPhPRtXHnscj7H5ThHv62cCjvHubO3JS2vPxWf8CPVrlO/To:Q4PRtdj7H59S2nvqKJ3u8+rlO8
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2