80b0ec6c0842960454af796a51115bf0f1acbc034e23a54033c9c9550eed41a3 | Triage

Sharing

General

Target

80b0ec6c0842960454af796a51115bf0f1acbc034e23a54033c9c9550eed41a3
Size

135KB
Sample

221125-z6cgysfg69
MD5

c3ae7a6b6f91d1df6f091edb6dc90a3d
SHA1

d72c2c1d3b2b08a4df9a701396762f17250d0aac
SHA256

80b0ec6c0842960454af796a51115bf0f1acbc034e23a54033c9c9550eed41a3
SHA512

1431c449067ad7913bc3df7d9566522a9085c0da4884001c31711a8efa5d468e211e919b9cd5bdb478d18ad5be2d66dd0bdde2d5bc55c23b925ca9d84e7cb19c
SSDEEP

3072:Ny6wbzUVhdSa2cAd89RZ6hSpUglNpXSF5vJDTdscuP6d/:kLXUpe9hSxNpYJxdTuPQ/

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  80b0ec6c0842960454af796a51115bf0f1acbc034e23a54033c9c9550eed41a3
- Size
  
  135KB
- MD5
  
  c3ae7a6b6f91d1df6f091edb6dc90a3d
- SHA1
  
  d72c2c1d3b2b08a4df9a701396762f17250d0aac
- SHA256
  
  80b0ec6c0842960454af796a51115bf0f1acbc034e23a54033c9c9550eed41a3
- SHA512
  
  1431c449067ad7913bc3df7d9566522a9085c0da4884001c31711a8efa5d468e211e919b9cd5bdb478d18ad5be2d66dd0bdde2d5bc55c23b925ca9d84e7cb19c
- SSDEEP
  
  3072:Ny6wbzUVhdSa2cAd89RZ6hSpUglNpXSF5vJDTdscuP6d/:kLXUpe9hSxNpYJxdTuPQ/
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2