a7f8fb74ab76d110c8ab25aa17650f4447345f25919cc44e5c5b576b98ea8fff | Triage

Sharing

General

Target

a7f8fb74ab76d110c8ab25aa17650f4447345f25919cc44e5c5b576b98ea8fff
Size

953KB
Sample

221206-ke97ksae44
MD5

c641a1cc9741ad61740d35b535d2c7f9
SHA1

15e7999c2cbd1f6d5f88da532c122c069a9df039
SHA256

a7f8fb74ab76d110c8ab25aa17650f4447345f25919cc44e5c5b576b98ea8fff
SHA512

ef2948a520033357eed66a776c6ecc19a62dd599a4f11bdb87ed0a7844f9cb13922cf3133a44bcff4485659e00aaa8777ea4fc1627875bbf08959186430ef4da
SSDEEP

24576:hXuj+c3eBzO3DKHGppYBbyjUDUK9wS+gz:h+t3pGQSN+k

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  a7f8fb74ab76d110c8ab25aa17650f4447345f25919cc44e5c5b576b98ea8fff
- Size
  
  953KB
- MD5
  
  c641a1cc9741ad61740d35b535d2c7f9
- SHA1
  
  15e7999c2cbd1f6d5f88da532c122c069a9df039
- SHA256
  
  a7f8fb74ab76d110c8ab25aa17650f4447345f25919cc44e5c5b576b98ea8fff
- SHA512
  
  ef2948a520033357eed66a776c6ecc19a62dd599a4f11bdb87ed0a7844f9cb13922cf3133a44bcff4485659e00aaa8777ea4fc1627875bbf08959186430ef4da
- SSDEEP
  
  24576:hXuj+c3eBzO3DKHGppYBbyjUDUK9wS+gz:h+t3pGQSN+k
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2