96ae90c073908db668a64e3a48f64cfc523e87e711d5a843121f1bbd02dd1bbe | Triage

Sharing

General

Target

96ae90c073908db668a64e3a48f64cfc523e87e711d5a843121f1bbd02dd1bbe
Size

84KB
Sample

221201-zl7scsde2t
MD5

5e15e32dc406f3ff5d133554ff664d85
SHA1

d3aedb0f45c0a4f3f51ecff369af80899ffdd068
SHA256

96ae90c073908db668a64e3a48f64cfc523e87e711d5a843121f1bbd02dd1bbe
SHA512

01f4357d1485e51f63bb2e265bb63471826f59bd8d0b6382531d7903d73dd9c80eaab48bab76fb990845d61dcd771358ef9890dd7b0ccd45167c8df4a6699c87
SSDEEP

1536:6bLrLRMz0eMz3Rf+Yly6Erx2bgg0h4aUmsKdEt1ZdcC:6bLfR7z3d++EAgPhLsh1w

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  96ae90c073908db668a64e3a48f64cfc523e87e711d5a843121f1bbd02dd1bbe
- Size
  
  84KB
- MD5
  
  5e15e32dc406f3ff5d133554ff664d85
- SHA1
  
  d3aedb0f45c0a4f3f51ecff369af80899ffdd068
- SHA256
  
  96ae90c073908db668a64e3a48f64cfc523e87e711d5a843121f1bbd02dd1bbe
- SHA512
  
  01f4357d1485e51f63bb2e265bb63471826f59bd8d0b6382531d7903d73dd9c80eaab48bab76fb990845d61dcd771358ef9890dd7b0ccd45167c8df4a6699c87
- SSDEEP
  
  1536:6bLrLRMz0eMz3Rf+Yly6Erx2bgg0h4aUmsKdEt1ZdcC:6bLfR7z3d++EAgPhLsh1w
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2