90362cc19d94c563a19441268b2de5fdd5a468b3d97f1f843405f0932c2cdd79 | Triage

Sharing

General

Target

90362cc19d94c563a19441268b2de5fdd5a468b3d97f1f843405f0932c2cdd79
Size

249KB
Sample

221207-b8pcjadg27
MD5

1e6bdd534af3820e109d7cfc2b29d714
SHA1

dc2874d8c44e34c9cb92c7da4f06b5b49a7db3df
SHA256

90362cc19d94c563a19441268b2de5fdd5a468b3d97f1f843405f0932c2cdd79
SHA512

27c1a24947703a1923c94e250ca278de362032d3813b04a1d1960307e654f63de752c7521a6cd608dfac947bf66b02f952c221e5549dbef21debf7fab1a9c538
SSDEEP

6144:QEhLudwDLxTXwiDTIKXfnNRB7znd4vCohce3ozYmOkAigGl:Q6LudwDLxTXwiDTIKXfnNRB7zndozces

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  90362cc19d94c563a19441268b2de5fdd5a468b3d97f1f843405f0932c2cdd79
- Size
  
  249KB
- MD5
  
  1e6bdd534af3820e109d7cfc2b29d714
- SHA1
  
  dc2874d8c44e34c9cb92c7da4f06b5b49a7db3df
- SHA256
  
  90362cc19d94c563a19441268b2de5fdd5a468b3d97f1f843405f0932c2cdd79
- SHA512
  
  27c1a24947703a1923c94e250ca278de362032d3813b04a1d1960307e654f63de752c7521a6cd608dfac947bf66b02f952c221e5549dbef21debf7fab1a9c538
- SSDEEP
  
  6144:QEhLudwDLxTXwiDTIKXfnNRB7znd4vCohce3ozYmOkAigGl:Q6LudwDLxTXwiDTIKXfnNRB7zndozces
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2