ce45f82e70902999624c17286274b2c9fa97af591947ca8ddd9118b22695b3dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce45f82e70902999624c17286274b2c9fa97af591947ca8ddd9118b22695b3dc
Size

15KB
Sample

221207-dr3vpsag26
MD5

150b5fdd538676b662f9e865f6ae784c
SHA1

8cb0772dcbc7396b495f8b1c95d4ad5522c4c451
SHA256

ce45f82e70902999624c17286274b2c9fa97af591947ca8ddd9118b22695b3dc
SHA512

ddb1df090d1a31c98dcab6267a38ab61fa8e2d7289065201fdd5003240099ae8570b013e13dc9fece191b4954cd3dee9e0d367eb1a2eb1635fab006abf0430a0
SSDEEP

384:3jq2hbipWbRpCWlkjIJLiezqjwm/pg7fMUCb:3jdhbiAPxGjWL1zygrMUCb

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ce45f82e70902999624c17286274b2c9fa97af591947ca8ddd9118b22695b3dc
- Size
  
  15KB
- MD5
  
  150b5fdd538676b662f9e865f6ae784c
- SHA1
  
  8cb0772dcbc7396b495f8b1c95d4ad5522c4c451
- SHA256
  
  ce45f82e70902999624c17286274b2c9fa97af591947ca8ddd9118b22695b3dc
- SHA512
  
  ddb1df090d1a31c98dcab6267a38ab61fa8e2d7289065201fdd5003240099ae8570b013e13dc9fece191b4954cd3dee9e0d367eb1a2eb1635fab006abf0430a0
- SSDEEP
  
  384:3jq2hbipWbRpCWlkjIJLiezqjwm/pg7fMUCb:3jdhbiAPxGjWL1zygrMUCb
Score

8^/10

persistence
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2