dec2388900541d3e96b5d41bdfd9cae8ce4bee4e3b6c22eb07c9bfa5164b3d13 | Triage

Sharing

General

Target

dec2388900541d3e96b5d41bdfd9cae8ce4bee4e3b6c22eb07c9bfa5164b3d13
Size

37KB
Sample

221203-n84tfahc24
MD5

f15392e92718a378726cc04e701a7f9c
SHA1

793336ac1dafa0f6a81b2d6889466ff38350ec5e
SHA256

dec2388900541d3e96b5d41bdfd9cae8ce4bee4e3b6c22eb07c9bfa5164b3d13
SHA512

e4ab760fb1f34652dd564b53deaf374063085f25a7548178d46ebeed00112f89f4cf8e338c2a4a5b93030d265bb088334d7d1826e94683c9f5726b2a92b93912
SSDEEP

768:8uNor3AmmhmjMt+1ihv5rm04kzGWrgH1syep5TaFnciFJzu86rwT:39mmhmjMtEYv59zQap5uFnciFX6rK

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  dec2388900541d3e96b5d41bdfd9cae8ce4bee4e3b6c22eb07c9bfa5164b3d13
- Size
  
  37KB
- MD5
  
  f15392e92718a378726cc04e701a7f9c
- SHA1
  
  793336ac1dafa0f6a81b2d6889466ff38350ec5e
- SHA256
  
  dec2388900541d3e96b5d41bdfd9cae8ce4bee4e3b6c22eb07c9bfa5164b3d13
- SHA512
  
  e4ab760fb1f34652dd564b53deaf374063085f25a7548178d46ebeed00112f89f4cf8e338c2a4a5b93030d265bb088334d7d1826e94683c9f5726b2a92b93912
- SSDEEP
  
  768:8uNor3AmmhmjMt+1ihv5rm04kzGWrgH1syep5TaFnciFJzu86rwT:39mmhmjMtEYv59zQap5uFnciFX6rK
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2