a0dc42bc7672a92f9865cd50cbbac1288ca01fd5bc243f35e3ca3c2ae14b46ad | Triage

Sharing

General

Target

a0dc42bc7672a92f9865cd50cbbac1288ca01fd5bc243f35e3ca3c2ae14b46ad
Size

292KB
Sample

221204-gxv9lagg9v
MD5

905e44fd625da379e4426e3afb3dc5f6
SHA1

99997f424acecd6f6630c8dc82297064b6e8b70a
SHA256

a0dc42bc7672a92f9865cd50cbbac1288ca01fd5bc243f35e3ca3c2ae14b46ad
SHA512

a62dadd98d7bbd0bf084def99995f1522ff853a3414bfe25c4587edc1d9439f326fa1907bcaa58e4f44e7e312a2573acfdd68c233e8c576925fa75e24fed0cee
SSDEEP

6144:/SB1Ed0h/CB5OVhc94CfcEkF/7sZPex9seuGJIa/K4fFnvnhch+Xqk:/81Ed0hYcVhckcgrPs4fxhw+F

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a0dc42bc7672a92f9865cd50cbbac1288ca01fd5bc243f35e3ca3c2ae14b46ad
- Size
  
  292KB
- MD5
  
  905e44fd625da379e4426e3afb3dc5f6
- SHA1
  
  99997f424acecd6f6630c8dc82297064b6e8b70a
- SHA256
  
  a0dc42bc7672a92f9865cd50cbbac1288ca01fd5bc243f35e3ca3c2ae14b46ad
- SHA512
  
  a62dadd98d7bbd0bf084def99995f1522ff853a3414bfe25c4587edc1d9439f326fa1907bcaa58e4f44e7e312a2573acfdd68c233e8c576925fa75e24fed0cee
- SSDEEP
  
  6144:/SB1Ed0h/CB5OVhc94CfcEkF/7sZPex9seuGJIa/K4fFnvnhch+Xqk:/81Ed0hYcVhckcgrPs4fxhw+F
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2