12c04eccd804bd036bcf48c982e3e112db3653cb2d27e7be50cdfb13632d5f4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88ad02e3615b8d827699ecfc299e30e3
Size

5.9MB
Sample

231012-rqb79adg5s
MD5

88ad02e3615b8d827699ecfc299e30e3
SHA1

dca167918adcf1b5c69fba1b529615355d41478c
SHA256

12c04eccd804bd036bcf48c982e3e112db3653cb2d27e7be50cdfb13632d5f4e
SHA512

a069a17485cf297081fbea4294c6dce52856f853e3ff64551e2f687401917bc22f2239d5a7fa258b55dffe421ac0d918d21b0762fbd7c22d285a1b01944a1b0c
SSDEEP

98304:xTOo5aLcJCkaHEGMFOse0lVIx+3z+mFX2SQngZShdkONdzow3hu/vADK0gnexQEA:J5E2XrG2Os7Vw+3Z2F3vlnow34/IG9ec

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  88ad02e3615b8d827699ecfc299e30e3
- Size
  
  5.9MB
- MD5
  
  88ad02e3615b8d827699ecfc299e30e3
- SHA1
  
  dca167918adcf1b5c69fba1b529615355d41478c
- SHA256
  
  12c04eccd804bd036bcf48c982e3e112db3653cb2d27e7be50cdfb13632d5f4e
- SHA512
  
  a069a17485cf297081fbea4294c6dce52856f853e3ff64551e2f687401917bc22f2239d5a7fa258b55dffe421ac0d918d21b0762fbd7c22d285a1b01944a1b0c
- SSDEEP
  
  98304:xTOo5aLcJCkaHEGMFOse0lVIx+3z+mFX2SQngZShdkONdzow3hu/vADK0gnexQEA:J5E2XrG2Os7Vw+3Z2F3vlnow34/IG9ec
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2