6f2129b1e154ac4e59778563467a9eac91912d9dc03aa6ab5bfe88cf58dd033b | Triage

Sharing

General

Target

8277a28b42eb820b6003c4e08d0053b4
Size

6.9MB
Sample

231012-rqeclsdg5w
MD5

8277a28b42eb820b6003c4e08d0053b4
SHA1

968b66c72bb65214cfd57af1ae9eda086a5fbc17
SHA256

6f2129b1e154ac4e59778563467a9eac91912d9dc03aa6ab5bfe88cf58dd033b
SHA512

116d87e23f64eeb8b917f79408479e348c474097f10a89aff09dc8c8be4ebbe58238bf77252442a667463a6652f0452a8fc06c75925af1a1e91d291a3c59eff3
SSDEEP

196608:1OsgMzFzZ/4pz/8X7yuP20nAEhYuz0gUTqfk2S+:1O/M9ZQRYyuhAAYuQTW82S+

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  8277a28b42eb820b6003c4e08d0053b4
- Size
  
  6.9MB
- MD5
  
  8277a28b42eb820b6003c4e08d0053b4
- SHA1
  
  968b66c72bb65214cfd57af1ae9eda086a5fbc17
- SHA256
  
  6f2129b1e154ac4e59778563467a9eac91912d9dc03aa6ab5bfe88cf58dd033b
- SHA512
  
  116d87e23f64eeb8b917f79408479e348c474097f10a89aff09dc8c8be4ebbe58238bf77252442a667463a6652f0452a8fc06c75925af1a1e91d291a3c59eff3
- SSDEEP
  
  196608:1OsgMzFzZ/4pz/8X7yuP20nAEhYuz0gUTqfk2S+:1O/M9ZQRYyuhAAYuQTW82S+
Score

8^/10

persistence
- Sets DLL path for service in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2