c0db8296ff28016793fc32efffd4818dd140aa60e1002209adf4ad205a232594 | Triage

Sharing

General

Target

c0db8296ff28016793fc32efffd4818dd140aa60e1002209adf4ad205a232594
Size

60KB
Sample

221201-wyvrsaag9v
MD5

5791dbb0106490421b1a32006562e2e6
SHA1

0b5a720161f20982aa4cdb8dd43f18d6cf98e782
SHA256

c0db8296ff28016793fc32efffd4818dd140aa60e1002209adf4ad205a232594
SHA512

6dfc17c508c1cdd6319e81dad7e2574892ca704a43976af28dfe0866c9f8cfc87ae81a8863586f1b1197ed54b1769cc5252e14ad5aa7c8371849afce5e39422e
SSDEEP

768:dBZX+Nzp4mjNx4Ss4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:dPdc2inuWdB9r8YXPJY2BmscY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c0db8296ff28016793fc32efffd4818dd140aa60e1002209adf4ad205a232594
- Size
  
  60KB
- MD5
  
  5791dbb0106490421b1a32006562e2e6
- SHA1
  
  0b5a720161f20982aa4cdb8dd43f18d6cf98e782
- SHA256
  
  c0db8296ff28016793fc32efffd4818dd140aa60e1002209adf4ad205a232594
- SHA512
  
  6dfc17c508c1cdd6319e81dad7e2574892ca704a43976af28dfe0866c9f8cfc87ae81a8863586f1b1197ed54b1769cc5252e14ad5aa7c8371849afce5e39422e
- SSDEEP
  
  768:dBZX+Nzp4mjNx4Ss4l6iE18++uWdB9GBc81f+Iw5BLJUXNPgH9nmscY:dPdc2inuWdB9r8YXPJY2BmscY
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2