a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f | Triage

Sharing

General

Target

a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f
Size

105KB
Sample

221201-yq59naad7v
MD5

aa1900f325a29f773ef143079ba5b906
SHA1

1bc15874df3d426eb338f89ab4bd6e5d07cec7ac
SHA256

a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f
SHA512

d2c1cea29b3506428a8e528946edacf6880799c8e6df137f1782a9de228838dac706d04a9000ffef1f90a231bfc87bc4df79616fb7d36779ca5f84beaf2efb7c
SSDEEP

3072:q5aIsBS5gimW2ghQ2TcKlSjeKyfpiG5PbTE4:o6GhQkxHPH

Score

8^/10

persistence upx

Malware Config

Targets

- Target
  
  a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f
- Size
  
  105KB
- MD5
  
  aa1900f325a29f773ef143079ba5b906
- SHA1
  
  1bc15874df3d426eb338f89ab4bd6e5d07cec7ac
- SHA256
  
  a728a5bc3c98fc0702e8740466cd24c288897bb83f5cc49992b435c81795958f
- SHA512
  
  d2c1cea29b3506428a8e528946edacf6880799c8e6df137f1782a9de228838dac706d04a9000ffef1f90a231bfc87bc4df79616fb7d36779ca5f84beaf2efb7c
- SSDEEP
  
  3072:q5aIsBS5gimW2ghQ2TcKlSjeKyfpiG5PbTE4:o6GhQkxHPH
Score

8^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2