9ef50ae7587d43c1c3f58b7567676803f9cd830b383e916082e64294deedce9d | Triage

Sharing

General

Target

9ef50ae7587d43c1c3f58b7567676803f9cd830b383e916082e64294deedce9d
Size

269KB
Sample

221204-csyrpsch9y
MD5

1f41a328c73922939c08f4a158d5698a
SHA1

b4edfed1c5a4b6b91673bcd31e5aca8156447b3a
SHA256

9ef50ae7587d43c1c3f58b7567676803f9cd830b383e916082e64294deedce9d
SHA512

31246829afa4ee018ffc1016b5d43d4450ffe41e94b711adbb6fca6e449b622a6d46e2f63fa8a5efefa1b334be13258f00e98074db22a5aef8e6996b42891277
SSDEEP

6144:bwXhRyq926tFIGBFrQee3Kc7vcIVYAEymU4v+GakMFcK:bwL7FrcHvcSEu+XaDFc

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9ef50ae7587d43c1c3f58b7567676803f9cd830b383e916082e64294deedce9d
- Size
  
  269KB
- MD5
  
  1f41a328c73922939c08f4a158d5698a
- SHA1
  
  b4edfed1c5a4b6b91673bcd31e5aca8156447b3a
- SHA256
  
  9ef50ae7587d43c1c3f58b7567676803f9cd830b383e916082e64294deedce9d
- SHA512
  
  31246829afa4ee018ffc1016b5d43d4450ffe41e94b711adbb6fca6e449b622a6d46e2f63fa8a5efefa1b334be13258f00e98074db22a5aef8e6996b42891277
- SSDEEP
  
  6144:bwXhRyq926tFIGBFrQee3Kc7vcIVYAEymU4v+GakMFcK:bwL7FrcHvcSEu+XaDFc
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2