12363b44e8fb4a52f01734977812976e0e37a123ec54212f7411785925e7bf05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12363b44e8fb4a52f01734977812976e0e37a123ec54212f7411785925e7bf05
Size

37KB
Sample

221202-a87cnsge83
MD5

a6a7484e182c200c4e03899072dd422b
SHA1

a6a056603e981cc627841f59e58913e17b69a398
SHA256

12363b44e8fb4a52f01734977812976e0e37a123ec54212f7411785925e7bf05
SHA512

d36d4405640d78f541e4cfa4b66c02beed18e7052425528f0c1cb3d7df0c520876b0fb9d4c7b52f7cc61aee1e652358676b3ca2206df6858e7543820ad9deca4
SSDEEP

768:rhZP7DV8mmlmfH41+h126IayW8+XaNtw3+auUs3p53Fn1iFJzuT6rwD:LPV8mmlmfHys126IavUNt8uzp53Fn1iI

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  12363b44e8fb4a52f01734977812976e0e37a123ec54212f7411785925e7bf05
- Size
  
  37KB
- MD5
  
  a6a7484e182c200c4e03899072dd422b
- SHA1
  
  a6a056603e981cc627841f59e58913e17b69a398
- SHA256
  
  12363b44e8fb4a52f01734977812976e0e37a123ec54212f7411785925e7bf05
- SHA512
  
  d36d4405640d78f541e4cfa4b66c02beed18e7052425528f0c1cb3d7df0c520876b0fb9d4c7b52f7cc61aee1e652358676b3ca2206df6858e7543820ad9deca4
- SSDEEP
  
  768:rhZP7DV8mmlmfH41+h126IayW8+XaNtw3+auUs3p53Fn1iFJzuT6rwD:LPV8mmlmfHys126IavUNt8uzp53Fn1iI
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2