b615c8e200a9b4dea8925bfbebdea652367a00366eb1415f323362312e122ed2 | Triage

Sharing

General

Target

b615c8e200a9b4dea8925bfbebdea652367a00366eb1415f323362312e122ed2
Size

560KB
Sample

221202-19v9xaac92
MD5

cc097f39b5675b5170eeaefad2cdb6e5
SHA1

3e6c1af8b7e4df9ee7d90c399da221dbb8194be8
SHA256

b615c8e200a9b4dea8925bfbebdea652367a00366eb1415f323362312e122ed2
SHA512

3295c6aa1416df26bd3cbf7e0c7a91146e73ac4e8459b102b4fcf6e606c524d4d961fdc25374ac20a4727ea72e1f15e07fd20145f5712af33c4654d77fa8b256
SSDEEP

12288:Y3nZMhJ+ubNJtqyk4YAY+hfOh43nofBD5qGhRDUOOxwROywrE2+:Y3nZqfbvtKfAThc43nYBD1DLTiEt

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b615c8e200a9b4dea8925bfbebdea652367a00366eb1415f323362312e122ed2
- Size
  
  560KB
- MD5
  
  cc097f39b5675b5170eeaefad2cdb6e5
- SHA1
  
  3e6c1af8b7e4df9ee7d90c399da221dbb8194be8
- SHA256
  
  b615c8e200a9b4dea8925bfbebdea652367a00366eb1415f323362312e122ed2
- SHA512
  
  3295c6aa1416df26bd3cbf7e0c7a91146e73ac4e8459b102b4fcf6e606c524d4d961fdc25374ac20a4727ea72e1f15e07fd20145f5712af33c4654d77fa8b256
- SSDEEP
  
  12288:Y3nZMhJ+ubNJtqyk4YAY+hfOh43nofBD5qGhRDUOOxwROywrE2+:Y3nZqfbvtKfAThc43nYBD1DLTiEt
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2