ce096abe79fd05472e90433030f374b6177cf1d99aa715e451e6de356647aa0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce096abe79fd05472e90433030f374b6177cf1d99aa715e451e6de356647aa0a
Size

313KB
Sample

221203-cr3n9sac81
MD5

b3aee08d6c40c59ef0810ce481789280
SHA1

f87f64080fa289a9bd667b3de05a2073b8618478
SHA256

ce096abe79fd05472e90433030f374b6177cf1d99aa715e451e6de356647aa0a
SHA512

0f9caa37a7c2377f08687030d26ab099a7b754530a3d05195bb38bfa84a49d77fffd85835edfb0126d5fd1654ebd19aa5f0a4cbf35d9dc6a50d9724176f36657
SSDEEP

6144:yijYe4VGbYuIo0B+3O0r18i1rX3Lw1nivWE7E8IGL2YYyhRyhHGoSn4dDgovXsQ:yw4VrnwZ88rX3inszLyHG6mKL

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ce096abe79fd05472e90433030f374b6177cf1d99aa715e451e6de356647aa0a
- Size
  
  313KB
- MD5
  
  b3aee08d6c40c59ef0810ce481789280
- SHA1
  
  f87f64080fa289a9bd667b3de05a2073b8618478
- SHA256
  
  ce096abe79fd05472e90433030f374b6177cf1d99aa715e451e6de356647aa0a
- SHA512
  
  0f9caa37a7c2377f08687030d26ab099a7b754530a3d05195bb38bfa84a49d77fffd85835edfb0126d5fd1654ebd19aa5f0a4cbf35d9dc6a50d9724176f36657
- SSDEEP
  
  6144:yijYe4VGbYuIo0B+3O0r18i1rX3Lw1nivWE7E8IGL2YYyhRyhHGoSn4dDgovXsQ:yw4VrnwZ88rX3inszLyHG6mKL
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2