f70b4e47237e0124a7026fe54eb4ff255d5d62ca7911a54a50f7148d85150bcd | Triage

Sharing

General

Target

f70b4e47237e0124a7026fe54eb4ff255d5d62ca7911a54a50f7148d85150bcd
Size

27KB
Sample

221201-tgjbbaeb68
MD5

30b0ba6d76fa21fbc56cb2d26c3e6da3
SHA1

f036113de2c8646fcc554229fd0243256023c6b2
SHA256

f70b4e47237e0124a7026fe54eb4ff255d5d62ca7911a54a50f7148d85150bcd
SHA512

79c55ae438e77415c6a7ca95c42e61907a9ddfa310196b21e6c36aaceb012850a47359ce0a2c23876931c25c2af230e83e5f97e337f5c906757d2c11d4b8752e
SSDEEP

768:htwF4ykjiGOeg6+L0mNvjaRziDG/jDQjjmWTe+Hc9gst9q:sM2Q7+L0mNvjaRziDG/jDQjjmW9Hc97a

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  f70b4e47237e0124a7026fe54eb4ff255d5d62ca7911a54a50f7148d85150bcd
- Size
  
  27KB
- MD5
  
  30b0ba6d76fa21fbc56cb2d26c3e6da3
- SHA1
  
  f036113de2c8646fcc554229fd0243256023c6b2
- SHA256
  
  f70b4e47237e0124a7026fe54eb4ff255d5d62ca7911a54a50f7148d85150bcd
- SHA512
  
  79c55ae438e77415c6a7ca95c42e61907a9ddfa310196b21e6c36aaceb012850a47359ce0a2c23876931c25c2af230e83e5f97e337f5c906757d2c11d4b8752e
- SSDEEP
  
  768:htwF4ykjiGOeg6+L0mNvjaRziDG/jDQjjmWTe+Hc9gst9q:sM2Q7+L0mNvjaRziDG/jDQjjmW9Hc97a
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2