7c1f92a9a266203692ca499bfbb474346e234f6395bb73723e59381a102f9ed4 | Triage

Sharing

General

Target

7c1f92a9a266203692ca499bfbb474346e234f6395bb73723e59381a102f9ed4
Size

10.9MB
Sample

230204-xya8taec44
MD5

45cf5dc45f41d2359fe12cb70be00e29
SHA1

ec48ed2e3c2df019b71251220108c06862c2617a
SHA256

7c1f92a9a266203692ca499bfbb474346e234f6395bb73723e59381a102f9ed4
SHA512

ab55dc78ab7e73550982cda4f57f9e3df59377be98e4fef0552cf1c4642912a90a24c216075e8b90c06981451b8968fc968957542acc7e8cc0003d26db41c7fa
SSDEEP

196608:oStdgnrUUm+7UiFG8xHeKvpIMP91SK085Psfi20i7APviOpiYkGO8z0H:oGSgUmHiFG8x+kCMeA5O2XPpiYkr8

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7c1f92a9a266203692ca499bfbb474346e234f6395bb73723e59381a102f9ed4
- Size
  
  10.9MB
- MD5
  
  45cf5dc45f41d2359fe12cb70be00e29
- SHA1
  
  ec48ed2e3c2df019b71251220108c06862c2617a
- SHA256
  
  7c1f92a9a266203692ca499bfbb474346e234f6395bb73723e59381a102f9ed4
- SHA512
  
  ab55dc78ab7e73550982cda4f57f9e3df59377be98e4fef0552cf1c4642912a90a24c216075e8b90c06981451b8968fc968957542acc7e8cc0003d26db41c7fa
- SSDEEP
  
  196608:oStdgnrUUm+7UiFG8xHeKvpIMP91SK085Psfi20i7APviOpiYkGO8z0H:oGSgUmHiFG8x+kCMeA5O2XPpiYkr8
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1