09adcc3db610b4f19696db9c601ec2b51d49dc29fd164a16f065a6086c03b01c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09adcc3db610b4f19696db9c601ec2b51d49dc29fd164a16f065a6086c03b01c
Size

461KB
Sample

221128-dt8tqsfb41
MD5

fda9ffcb50b7a2e3c957ce378ea151a7
SHA1

36814cf9d20c86cdc892fa0ab1c7a131d844c933
SHA256

09adcc3db610b4f19696db9c601ec2b51d49dc29fd164a16f065a6086c03b01c
SHA512

3637cadd011ec39dca6933f769a276bb2c51efece849bd8824948697b9c366410e265dfb3a4b5ac02a061d140ecab4a1dd7409b6d9ba7e6bef0ac4f2e850ef48
SSDEEP

12288:GFszBhqS5mvTyPDqW8Wu7nQhqtOpwaoLFHOa90Ry:GFszWS5UTyLqMu7upwaoLFHr9f

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  09adcc3db610b4f19696db9c601ec2b51d49dc29fd164a16f065a6086c03b01c
- Size
  
  461KB
- MD5
  
  fda9ffcb50b7a2e3c957ce378ea151a7
- SHA1
  
  36814cf9d20c86cdc892fa0ab1c7a131d844c933
- SHA256
  
  09adcc3db610b4f19696db9c601ec2b51d49dc29fd164a16f065a6086c03b01c
- SHA512
  
  3637cadd011ec39dca6933f769a276bb2c51efece849bd8824948697b9c366410e265dfb3a4b5ac02a061d140ecab4a1dd7409b6d9ba7e6bef0ac4f2e850ef48
- SSDEEP
  
  12288:GFszBhqS5mvTyPDqW8Wu7nQhqtOpwaoLFHOa90Ry:GFszWS5UTyLqMu7upwaoLFHr9f
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2