a66e086f598cb7c2ae423cf3332a4984faa7e923b64d81abd6fe60051ce7c376 | Triage

Sharing

General

Target

a66e086f598cb7c2ae423cf3332a4984faa7e923b64d81abd6fe60051ce7c376
Size

36KB
Sample

221203-tf3csseb65
MD5

799f2b5410163145c97f5ad413f9e7f6
SHA1

3a796a349a22bec12f31579fe8a9a453662c6ce6
SHA256

a66e086f598cb7c2ae423cf3332a4984faa7e923b64d81abd6fe60051ce7c376
SHA512

d2cf21afebd9a4c02150ed69c333ac3e8666714530be481a96765af98072914c8b44e3d3ca075c4216b484a557550d7056d3923b1989e84ba483cc7245d4773a
SSDEEP

384:eOgGIbRJpai9c49Wigp5/y+ixe1+B6BDR+v+I7J3SvwKF58o2iU+:qjgiGxy+is1M6BDRK97J3+ZFWo2iU+

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a66e086f598cb7c2ae423cf3332a4984faa7e923b64d81abd6fe60051ce7c376
- Size
  
  36KB
- MD5
  
  799f2b5410163145c97f5ad413f9e7f6
- SHA1
  
  3a796a349a22bec12f31579fe8a9a453662c6ce6
- SHA256
  
  a66e086f598cb7c2ae423cf3332a4984faa7e923b64d81abd6fe60051ce7c376
- SHA512
  
  d2cf21afebd9a4c02150ed69c333ac3e8666714530be481a96765af98072914c8b44e3d3ca075c4216b484a557550d7056d3923b1989e84ba483cc7245d4773a
- SSDEEP
  
  384:eOgGIbRJpai9c49Wigp5/y+ixe1+B6BDR+v+I7J3SvwKF58o2iU+:qjgiGxy+is1M6BDRK97J3+ZFWo2iU+
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2