958fe548bdb10fd47b1d5f56dbe1a4797aa75292d26302ff2f11f1367807b0b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

958fe548bdb10fd47b1d5f56dbe1a4797aa75292d26302ff2f11f1367807b0b4
Size

573KB
Sample

221201-zpyc4adg4y
MD5

4281d3d74dc18f0bc10468e307735b3b
SHA1

958b3cde3fb647368424932997e97f4318dd8f91
SHA256

958fe548bdb10fd47b1d5f56dbe1a4797aa75292d26302ff2f11f1367807b0b4
SHA512

ea34657ec22f8171f63834c697fa6e219dfa83fea7a9a871ccb17725cd91c81468581f209a6b488843825b67139736c6ad1df4983d8df9bc40d7cb53e55397e0
SSDEEP

12288:QV+mzRtHQg4P+5upu/RhlvYAx5LLSlG7J8i+Ju4+ZoeJj8Cbz0:Q8K+mDRjvYAxJObi+JjeJjvbz0

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  958fe548bdb10fd47b1d5f56dbe1a4797aa75292d26302ff2f11f1367807b0b4
- Size
  
  573KB
- MD5
  
  4281d3d74dc18f0bc10468e307735b3b
- SHA1
  
  958b3cde3fb647368424932997e97f4318dd8f91
- SHA256
  
  958fe548bdb10fd47b1d5f56dbe1a4797aa75292d26302ff2f11f1367807b0b4
- SHA512
  
  ea34657ec22f8171f63834c697fa6e219dfa83fea7a9a871ccb17725cd91c81468581f209a6b488843825b67139736c6ad1df4983d8df9bc40d7cb53e55397e0
- SSDEEP
  
  12288:QV+mzRtHQg4P+5upu/RhlvYAx5LLSlG7J8i+Ju4+ZoeJj8Cbz0:Q8K+mDRjvYAxJObi+JjeJjvbz0
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2