3fa2bf9bea56db80487599b1b766c5f461dfe9c30591a8e16430b83776a6382f | Triage

Sharing

General

Target

3fa2bf9bea56db80487599b1b766c5f461dfe9c30591a8e16430b83776a6382f
Size

1.8MB
Sample

221125-j8xmxagh3t
MD5

7589ce78249c4f0fd7f749e744886e6f
SHA1

6cfc55ebb41f1474b13dc8b3174fcfb93e7ebef7
SHA256

3fa2bf9bea56db80487599b1b766c5f461dfe9c30591a8e16430b83776a6382f
SHA512

c5f506385399f16829c2aa5e42e8c3f3d1f893936015088a1aadfe77c5bec90877df836736d964062dd99e3097b531b47f137860d89c8766a5c57fe0d02c1b21
SSDEEP

49152:fn+viaD/SHx4gJ4dJFLccy3Rm9l5mo9lbBe3bjw/RXvRF3VJLVx7zzUgMysOzl6D:fn+vtD/SR4U4dJFLTl9l599lbBIvw/tI

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  3fa2bf9bea56db80487599b1b766c5f461dfe9c30591a8e16430b83776a6382f
- Size
  
  1.8MB
- MD5
  
  7589ce78249c4f0fd7f749e744886e6f
- SHA1
  
  6cfc55ebb41f1474b13dc8b3174fcfb93e7ebef7
- SHA256
  
  3fa2bf9bea56db80487599b1b766c5f461dfe9c30591a8e16430b83776a6382f
- SHA512
  
  c5f506385399f16829c2aa5e42e8c3f3d1f893936015088a1aadfe77c5bec90877df836736d964062dd99e3097b531b47f137860d89c8766a5c57fe0d02c1b21
- SSDEEP
  
  49152:fn+viaD/SHx4gJ4dJFLccy3Rm9l5mo9lbBe3bjw/RXvRF3VJLVx7zzUgMysOzl6D:fn+vtD/SR4U4dJFLTl9l599lbBIvw/tI
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2