06e4db861e096383c30a5562be502607b38a1e5eedd38edf7559050c1c2cdaa0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06e4db861e096383c30a5562be502607b38a1e5eedd38edf7559050c1c2cdaa0
Size

64KB
Sample

221128-ha5eesgf5x
MD5

05a4363c44eb5196f82613c9794f6003
SHA1

97642fcd1ed9642b9727a1f1345cd7b2b1720db1
SHA256

06e4db861e096383c30a5562be502607b38a1e5eedd38edf7559050c1c2cdaa0
SHA512

b5d39b2d75f6b9f0778d6a233875ccc393ace9137a6b273fbe1792d4f649c6b6dcda2a6318e94df29c690fd6d26e7befc4d0f28de5527020b60e421ddf6600cd
SSDEEP

768:gBZRFIzD/mjNgXFVdl6ih18ORsWsDL6KhjWCpRI+CTnQIItL2FN9wBq+a:gPCcdiZsWmFZRIxOL2FN9ara

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  06e4db861e096383c30a5562be502607b38a1e5eedd38edf7559050c1c2cdaa0
- Size
  
  64KB
- MD5
  
  05a4363c44eb5196f82613c9794f6003
- SHA1
  
  97642fcd1ed9642b9727a1f1345cd7b2b1720db1
- SHA256
  
  06e4db861e096383c30a5562be502607b38a1e5eedd38edf7559050c1c2cdaa0
- SHA512
  
  b5d39b2d75f6b9f0778d6a233875ccc393ace9137a6b273fbe1792d4f649c6b6dcda2a6318e94df29c690fd6d26e7befc4d0f28de5527020b60e421ddf6600cd
- SSDEEP
  
  768:gBZRFIzD/mjNgXFVdl6ih18ORsWsDL6KhjWCpRI+CTnQIItL2FN9wBq+a:gPCcdiZsWmFZRIxOL2FN9ara
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2