35c82c6dfe254cbafcf3e893e04a3b3167f2948676fae11fed80367a36761cce | Triage

Sharing

General

Target

35c82c6dfe254cbafcf3e893e04a3b3167f2948676fae11fed80367a36761cce
Size

887KB
Sample

221127-mtm2psbb45
MD5

82bafa5ba697a42f79abc369836f4c06
SHA1

4dcf0486169dcc0358cb4fc9f6cac7dbe25fc18f
SHA256

35c82c6dfe254cbafcf3e893e04a3b3167f2948676fae11fed80367a36761cce
SHA512

613b3f52bdbbf82e3a18fe1d86fa5d35f0011a0a6bea9620755140f2259ad895fbb00857ac2142474439deeef06b8489cdaf7614356decbca1effe6badaabfd0
SSDEEP

24576:w2O/GlJCwczd32AYFnEfHVG4rpc60DGwTgUYFral3:Qd3x1G4TVtrax

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  35c82c6dfe254cbafcf3e893e04a3b3167f2948676fae11fed80367a36761cce
- Size
  
  887KB
- MD5
  
  82bafa5ba697a42f79abc369836f4c06
- SHA1
  
  4dcf0486169dcc0358cb4fc9f6cac7dbe25fc18f
- SHA256
  
  35c82c6dfe254cbafcf3e893e04a3b3167f2948676fae11fed80367a36761cce
- SHA512
  
  613b3f52bdbbf82e3a18fe1d86fa5d35f0011a0a6bea9620755140f2259ad895fbb00857ac2142474439deeef06b8489cdaf7614356decbca1effe6badaabfd0
- SSDEEP
  
  24576:w2O/GlJCwczd32AYFnEfHVG4rpc60DGwTgUYFral3:Qd3x1G4TVtrax
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2