9405f0dec6365f75321bec069c151fc3bb100c1dad48989db9d26839359406b2 | Triage

Sharing

General

Target

9405f0dec6365f75321bec069c151fc3bb100c1dad48989db9d26839359406b2
Size

1.9MB
Sample

221125-vxdansfe81
MD5

40a6e0c4e68324231837f3fa948900e0
SHA1

086f6f2bd79eda871ddec3ff555b8861354ca304
SHA256

9405f0dec6365f75321bec069c151fc3bb100c1dad48989db9d26839359406b2
SHA512

01fca3c2ec2194b68b0b33081d8bc900f49d1cb0f614cf7668ff722b9719bae9e362a22ab3cad3a31f180a2343d3e79b4cd7d4480214e1407173e051606fbde4
SSDEEP

49152:vxwljzvhP2OiwnuftClNeFpy6oomoqPLe5ZfIvDCQZ7Z:p+hjiwnOClfkXqPyCvDCQ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9405f0dec6365f75321bec069c151fc3bb100c1dad48989db9d26839359406b2
- Size
  
  1.9MB
- MD5
  
  40a6e0c4e68324231837f3fa948900e0
- SHA1
  
  086f6f2bd79eda871ddec3ff555b8861354ca304
- SHA256
  
  9405f0dec6365f75321bec069c151fc3bb100c1dad48989db9d26839359406b2
- SHA512
  
  01fca3c2ec2194b68b0b33081d8bc900f49d1cb0f614cf7668ff722b9719bae9e362a22ab3cad3a31f180a2343d3e79b4cd7d4480214e1407173e051606fbde4
- SSDEEP
  
  49152:vxwljzvhP2OiwnuftClNeFpy6oomoqPLe5ZfIvDCQZ7Z:p+hjiwnOClfkXqPyCvDCQ
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2