758deeaedc976873de84399897da81cca379904d75a5655492d57c4a519ffde2 | Triage

Sharing

General

Target

758deeaedc976873de84399897da81cca379904d75a5655492d57c4a519ffde2
Size

630KB
Sample

230505-yhg7vsce3y
MD5

040ecfc94a5832c37de3e152663ebab8
SHA1

a64e826f0aa3782903e51e75fbf0b61b57e2495c
SHA256

758deeaedc976873de84399897da81cca379904d75a5655492d57c4a519ffde2
SHA512

b5529aff3c865305f41b9428e1cb70cc1ba783bd3e1113acf5d4ac9d427594323aab43010f46426de1a9bdf417bd5dd22006e7ebba01f00a1ea511d521cb66fd
SSDEEP

12288:NV+mzoudyqxb99mN4sJbMTgZol5hzpmRVP3F/DhWWY+jEs9+U:N8+Z99mN4yHoVzwVd/FY+jE8p

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  758deeaedc976873de84399897da81cca379904d75a5655492d57c4a519ffde2
- Size
  
  630KB
- MD5
  
  040ecfc94a5832c37de3e152663ebab8
- SHA1
  
  a64e826f0aa3782903e51e75fbf0b61b57e2495c
- SHA256
  
  758deeaedc976873de84399897da81cca379904d75a5655492d57c4a519ffde2
- SHA512
  
  b5529aff3c865305f41b9428e1cb70cc1ba783bd3e1113acf5d4ac9d427594323aab43010f46426de1a9bdf417bd5dd22006e7ebba01f00a1ea511d521cb66fd
- SSDEEP
  
  12288:NV+mzoudyqxb99mN4sJbMTgZol5hzpmRVP3F/DhWWY+jEs9+U:N8+Z99mN4yHoVzwVd/FY+jE8p
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2