86cd5157f9135bb960c908a7675d4443e557f311966cd456341c891ec89ae8a6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86cd5157f9135bb960c908a7675d4443e557f311966cd456341c891ec89ae8a6
Size

133KB
Sample

221201-b6d4sagf2x
MD5

d6e0319b18730f275d2f2c7eaef9bc39
SHA1

754b39a763997ebfdb7232aaf3bac5a2f83ebfe8
SHA256

86cd5157f9135bb960c908a7675d4443e557f311966cd456341c891ec89ae8a6
SHA512

96851aded18d69e4f1934a56392fa1ff022d900931ee9ceb9e6effb9e38b946dd18ffdd79c65e27e9ba50b05818ca75b291756f20d1e04e1250cde671e50c0b6
SSDEEP

3072:MCjRX4kMy+9anRj+0GXAmCzi9e1q1zzxmd4nQymqj:7IM+9aRuQ/IdLQymA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  86cd5157f9135bb960c908a7675d4443e557f311966cd456341c891ec89ae8a6
- Size
  
  133KB
- MD5
  
  d6e0319b18730f275d2f2c7eaef9bc39
- SHA1
  
  754b39a763997ebfdb7232aaf3bac5a2f83ebfe8
- SHA256
  
  86cd5157f9135bb960c908a7675d4443e557f311966cd456341c891ec89ae8a6
- SHA512
  
  96851aded18d69e4f1934a56392fa1ff022d900931ee9ceb9e6effb9e38b946dd18ffdd79c65e27e9ba50b05818ca75b291756f20d1e04e1250cde671e50c0b6
- SSDEEP
  
  3072:MCjRX4kMy+9anRj+0GXAmCzi9e1q1zzxmd4nQymqj:7IM+9aRuQ/IdLQymA
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2