9947b09b5518845c4601938c871fc7bc5c65f2f9791020cc432d6129e6c71236 | Triage

Sharing

General

Target

9947b09b5518845c4601938c871fc7bc5c65f2f9791020cc432d6129e6c71236
Size

67KB
Sample

221205-npk7zsad7s
MD5

ed3dae1f4d68cf87d83bc411787824ce
SHA1

f9852fba45bd7a53b668e7198a3ce8c00fb9b117
SHA256

9947b09b5518845c4601938c871fc7bc5c65f2f9791020cc432d6129e6c71236
SHA512

ca545b73373b59f27b1b7dac4ed884f1f3b929c93b6cc12f823ecccb082fd362b015daa385df8e3b1baa30f3f65bb201e711edb8a9d1b87eebb1b8df0e53f776
SSDEEP

1536:3ZPjAXDfP2q8TFzOkWI1/8k/QKegC39/:3hjGDfP2q8TJVZQgC3

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  9947b09b5518845c4601938c871fc7bc5c65f2f9791020cc432d6129e6c71236
- Size
  
  67KB
- MD5
  
  ed3dae1f4d68cf87d83bc411787824ce
- SHA1
  
  f9852fba45bd7a53b668e7198a3ce8c00fb9b117
- SHA256
  
  9947b09b5518845c4601938c871fc7bc5c65f2f9791020cc432d6129e6c71236
- SHA512
  
  ca545b73373b59f27b1b7dac4ed884f1f3b929c93b6cc12f823ecccb082fd362b015daa385df8e3b1baa30f3f65bb201e711edb8a9d1b87eebb1b8df0e53f776
- SSDEEP
  
  1536:3ZPjAXDfP2q8TFzOkWI1/8k/QKegC39/:3hjGDfP2q8TJVZQgC3
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2