addaf659dde6e480b982b66999398d52c1bf2dbf751c1ec9280bf98cff615304 | Triage

Sharing

General

Target

addaf659dde6e480b982b66999398d52c1bf2dbf751c1ec9280bf98cff615304
Size

183KB
Sample

221129-ne62psdf32
MD5

cb2d856dc72bb7e528dba68f19e8fdca
SHA1

39a48d86e280a65d35bec591776816358b8372e3
SHA256

addaf659dde6e480b982b66999398d52c1bf2dbf751c1ec9280bf98cff615304
SHA512

476009a3a16183a47aa0e02d8fcfea357693f3e67657ebd9f8a5781c054accf02b937555c84a5539f9702a3a81ae48d6a27283dad0790afaa90e90623180bf27
SSDEEP

3072:q/SpcwdFVhNPN1e68NpDUdI9BTX/EOWm1LUABC/74n8snQXkoemxhCh8llgQWZR:q/0FVhNPNMrUITTvosLUAg8n8MQz/cGG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  addaf659dde6e480b982b66999398d52c1bf2dbf751c1ec9280bf98cff615304
- Size
  
  183KB
- MD5
  
  cb2d856dc72bb7e528dba68f19e8fdca
- SHA1
  
  39a48d86e280a65d35bec591776816358b8372e3
- SHA256
  
  addaf659dde6e480b982b66999398d52c1bf2dbf751c1ec9280bf98cff615304
- SHA512
  
  476009a3a16183a47aa0e02d8fcfea357693f3e67657ebd9f8a5781c054accf02b937555c84a5539f9702a3a81ae48d6a27283dad0790afaa90e90623180bf27
- SSDEEP
  
  3072:q/SpcwdFVhNPN1e68NpDUdI9BTX/EOWm1LUABC/74n8snQXkoemxhCh8llgQWZR:q/0FVhNPNMrUITTvosLUAg8n8MQz/cGG
Score

10^/10

persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2