d0e075a70fde4033f6df3fd277e0c2f833877d252defbc5c281df2c49e7eb36a | Triage

Sharing

General

Target

d0e075a70fde4033f6df3fd277e0c2f833877d252defbc5c281df2c49e7eb36a
Size

320KB
Sample

221206-s7fsfaed8v
MD5

e2b8a1ee285ddacb249d3a0d32d0908e
SHA1

04987a6bf3e7c950d5267393a675a1721d71ec03
SHA256

d0e075a70fde4033f6df3fd277e0c2f833877d252defbc5c281df2c49e7eb36a
SHA512

742a9211072ece2000608e1a5a70ffe414a7788b1938616d8c6782455b01728bac6eab6dd65751fdf5dd8c86dbbb7504dfd9a419e5d5a25cfeaf3baf18627f9e
SSDEEP

6144:QPAiecYyfe74r7srbfzeNG28srSw4jGHFm3rkVK77dTQXYHvOERcR:N5Z4vCjSNG2d7RlQpv4YHaR

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d0e075a70fde4033f6df3fd277e0c2f833877d252defbc5c281df2c49e7eb36a
- Size
  
  320KB
- MD5
  
  e2b8a1ee285ddacb249d3a0d32d0908e
- SHA1
  
  04987a6bf3e7c950d5267393a675a1721d71ec03
- SHA256
  
  d0e075a70fde4033f6df3fd277e0c2f833877d252defbc5c281df2c49e7eb36a
- SHA512
  
  742a9211072ece2000608e1a5a70ffe414a7788b1938616d8c6782455b01728bac6eab6dd65751fdf5dd8c86dbbb7504dfd9a419e5d5a25cfeaf3baf18627f9e
- SSDEEP
  
  6144:QPAiecYyfe74r7srbfzeNG28srSw4jGHFm3rkVK77dTQXYHvOERcR:N5Z4vCjSNG2d7RlQpv4YHaR
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2