bc052528860ff8b5eaee9ea121c3d33caf9761c5ce37c08ecfb4cc52e89bc01e | Triage

Sharing

General

Target

bc052528860ff8b5eaee9ea121c3d33caf9761c5ce37c08ecfb4cc52e89bc01e
Size

380KB
Sample

221202-1z2nyacf8z
MD5

c8f4c696af0c998340a384d8d90516c1
SHA1

2570914f352bd90ffc0c2f219710a373f288ec4b
SHA256

bc052528860ff8b5eaee9ea121c3d33caf9761c5ce37c08ecfb4cc52e89bc01e
SHA512

834160c261b8258cd5864f225538d08aaf4100e7e78faac3bb26b405c96accc7a20ee7e2cc16ee24027362aa7ffd067f47f019f70684cae61db9015ea617fb21
SSDEEP

6144:tS/534CMGOopQe3wzYyZzhPH3ziHe+237Hc6PyLY7aQEwh9Nlb:4Q5tYyL3ziHe+Mzjd7aQEwh9Nt

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  bc052528860ff8b5eaee9ea121c3d33caf9761c5ce37c08ecfb4cc52e89bc01e
- Size
  
  380KB
- MD5
  
  c8f4c696af0c998340a384d8d90516c1
- SHA1
  
  2570914f352bd90ffc0c2f219710a373f288ec4b
- SHA256
  
  bc052528860ff8b5eaee9ea121c3d33caf9761c5ce37c08ecfb4cc52e89bc01e
- SHA512
  
  834160c261b8258cd5864f225538d08aaf4100e7e78faac3bb26b405c96accc7a20ee7e2cc16ee24027362aa7ffd067f47f019f70684cae61db9015ea617fb21
- SSDEEP
  
  6144:tS/534CMGOopQe3wzYyZzhPH3ziHe+237Hc6PyLY7aQEwh9Nlb:4Q5tYyL3ziHe+Mzjd7aQEwh9Nt
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2