8fd33fced43bc0613e0beddb307840365db8c39637389443e1e26b58ebf50e53 | Triage

Sharing

General

Target

8fd33fced43bc0613e0beddb307840365db8c39637389443e1e26b58ebf50e53
Size

1.5MB
Sample

221206-lbxmragf5t
MD5

a83524600f0c8325ea4235f0f4afaa8a
SHA1

dfecbb9aa82d4bffe4709e252b113652ac860e1f
SHA256

8fd33fced43bc0613e0beddb307840365db8c39637389443e1e26b58ebf50e53
SHA512

621bc5e109dab21100518cc73cd7ff60df202fb17a5870062362dc16aaaeec562d5c170568e1d3df105f7af1125ea6ffa6c925a840c28a23aa5053a94682e15d
SSDEEP

24576:8oV9MQIcSuxwOGyb/qIouL4bPhg/pSgvj98hmDIBXrg6A9tYQIMYYWvlo6AhdprQ:ZV9wWf/XLlj9JMXrgyRNuKEYR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8fd33fced43bc0613e0beddb307840365db8c39637389443e1e26b58ebf50e53
- Size
  
  1.5MB
- MD5
  
  a83524600f0c8325ea4235f0f4afaa8a
- SHA1
  
  dfecbb9aa82d4bffe4709e252b113652ac860e1f
- SHA256
  
  8fd33fced43bc0613e0beddb307840365db8c39637389443e1e26b58ebf50e53
- SHA512
  
  621bc5e109dab21100518cc73cd7ff60df202fb17a5870062362dc16aaaeec562d5c170568e1d3df105f7af1125ea6ffa6c925a840c28a23aa5053a94682e15d
- SSDEEP
  
  24576:8oV9MQIcSuxwOGyb/qIouL4bPhg/pSgvj98hmDIBXrg6A9tYQIMYYWvlo6AhdprQ:ZV9wWf/XLlj9JMXrgyRNuKEYR
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2