b9fe9161b2b5701a16b846dd89dbe839e98cf7adc96f5041bbd3edd404a81b01 | Triage

Sharing

General

Target

b9fe9161b2b5701a16b846dd89dbe839e98cf7adc96f5041bbd3edd404a81b01
Size

201KB
Sample

221203-g9ahnafd9x
MD5

b1839f3b0f0e4038d1fd83c983be0d84
SHA1

2bf1f11aa6ea2d3c143b96429af67732422045b7
SHA256

b9fe9161b2b5701a16b846dd89dbe839e98cf7adc96f5041bbd3edd404a81b01
SHA512

a38615b638277c03228bf2ab4cc62501cae9733c8ef0b26997b1aebc14b460004a0475e98767e95874a1784f8bbfda4da4b620966b6994128862f3ca72d91735
SSDEEP

3072:jvqz89m+363/7AbwLYtcFkTS3WqNbuXJ7RqhqzPdeplhkB7wAKLu0A9JsZKjtU89:r3TSFNiNsqoplhKEu0Wswj2eMs

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b9fe9161b2b5701a16b846dd89dbe839e98cf7adc96f5041bbd3edd404a81b01
- Size
  
  201KB
- MD5
  
  b1839f3b0f0e4038d1fd83c983be0d84
- SHA1
  
  2bf1f11aa6ea2d3c143b96429af67732422045b7
- SHA256
  
  b9fe9161b2b5701a16b846dd89dbe839e98cf7adc96f5041bbd3edd404a81b01
- SHA512
  
  a38615b638277c03228bf2ab4cc62501cae9733c8ef0b26997b1aebc14b460004a0475e98767e95874a1784f8bbfda4da4b620966b6994128862f3ca72d91735
- SSDEEP
  
  3072:jvqz89m+363/7AbwLYtcFkTS3WqNbuXJ7RqhqzPdeplhkB7wAKLu0A9JsZKjtU89:r3TSFNiNsqoplhKEu0Wswj2eMs
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2