c0036195bb7a23e6800420c46fad86725bf7a1a4da24c688dde304f8e42674d1 | Triage

Resubmissions

23/10/2023, 12:19

231023-phhnysae25 7

12/01/2023, 07:49

230112-jnz8asfe24 7

Sharing

Copy URL Twitter E-mail

General

Target

c0036195bb7a23e6800420c46fad86725bf7a1a4da24c688dde304f8e42674d1
Size

2.2MB
Sample

230112-jnz8asfe24
MD5

edcd5ff1c2af9451405d430052c60660
SHA1

a55ac633303713c61b0dd475bba409e00640d739
SHA256

c0036195bb7a23e6800420c46fad86725bf7a1a4da24c688dde304f8e42674d1
SHA512

1e85cf10e05cce9744e3861787102e40abbbe593e507365e980db04abd1cbbebe3d3feb26da22221f6c1987cc0665f66328c4d09e2229bf7cf28d95697c78f46
SSDEEP

6144:uImoAFu+OykdGpxysrz5Tjuf9/ddlZi3F23FukA1kAb0rEbrESZU8wFjNHN:FGONdGpxyoljc/d9EM3E790rEbrEz

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  MSVCR100.dll
- Size
  
  11KB
- MD5
  
  8af6f5e22806766c530dcc8420e60f29
- SHA1
  
  ce8c6dcc12169197d00a6d981ac0ff6bc3375520
- SHA256
  
  3f38860d0f6f0ff1b65219379f8793383cba85b11de1c853192fb2d2ba99e481
- SHA512
  
  7e658e338a4d694873d6e02be9cf104138892d7cb2941515855b0d4c86b6941fb186fb4d14fc7191a1bc4dea321260f8a198b0b14a2ca8d2008d15c5491ed4d0
- SSDEEP
  
  192:ZCWoo0fSk/kVHts4wTvkhLmMALyThk43X+EqL+39P:ExcNs3T8hLmHLyT2Iub+
Score

1^/10
behavioral1 behavioral2
- Target
  
  Updates on AJEX DAGITPA 2022 on 200900 Oct 22.pdf
- Size
  
  253KB
- MD5
  
  4f7b26c271c9bacc29a891bb80699e19
- SHA1
  
  663f6fc0fa6b58f4bd8513c64572c95c2306af35
- SHA256
  
  c3335af959acdb632de65bd398f0ac07d6d420aa293d3ee55416a96d5d21c40c
- SHA512
  
  d7f750afb01cffbaa69ff259b071a52c260440fed91a5631a7256eabb15da8faad3b5a0072628499d5bc244b7603d0b58552f03f6c40e76ec4e4bdf809135f28
- SSDEEP
  
  3072:1owZF+jUDOyUPRHex+w1pxy1AyIreSt5TBVuaNu+SCGp7PFNTSeGXCtdyoZHFPu:1oAFu+OykdGpxysrz5Tjuf9/ddlZE
Score

1^/10
behavioral3 behavioral4
- Target
  
  Updates on AJEX DAGITPA 2022 on 200900 Oct 22.pdf.exe
- Size
  
  1.8MB
- MD5
  
  7c22121f33af2bad8656ac09300416ee
- SHA1
  
  81852cb9950604eda0918f625c71b0962865db23
- SHA256
  
  3d46e95284f93bbb76b3b7e1bf0e1b2d51e8a9411c2b6e649112f22f92de63c2
- SHA512
  
  6e3f750326f185a36ae3abdd99efb4adba435767ba5973a2b3fe73403d51806f596129d24a980a24df1b501ed635ecfa2e90a81ec235fc12af04f64306b817e8
- SSDEEP
  
  3072:EMibZuTpOeyp0uTpOMckAKckAGDpA5NlKrss1ywKrss1ySZDvYONDzVFdC5wFVHv:B3F23FukA1kAb0rEbrESZU8wFjNHNI
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6