0e43ffb6610189ff1231a937304148dd659eb719326f42df12e6e9955bd29a6f | Triage

Sharing

General

Target

SourceTreeSetup-3.3.9.exe
Size

24.8MB
Sample

231013-btvwrsba84
MD5

66f304ccde7c9d9fbad90b19a52a2a0a
SHA1

c457f59a80ba1761a0b0b5cb3dc0d1d349c80395
SHA256

0e43ffb6610189ff1231a937304148dd659eb719326f42df12e6e9955bd29a6f
SHA512

e0d3b2cac83ccc028ebf8f1c6895b9fee022793da2dd245122abaad61bdc22f007a438ace5d9477fb28e9f95fdede7410e8dbc075d08fcb70e6756b9dc2fb814
SSDEEP

393216:EyvPkkSDcyERxMyMfEhE3gY6L1UNSBMFI7wYerTSKiwj4lR5Sd4M0vncjCM:BkkQgssS3X6L1UJFgkf4lRwOT6

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  SourceTreeSetup-3.3.9.exe
- Size
  
  24.8MB
- MD5
  
  66f304ccde7c9d9fbad90b19a52a2a0a
- SHA1
  
  c457f59a80ba1761a0b0b5cb3dc0d1d349c80395
- SHA256
  
  0e43ffb6610189ff1231a937304148dd659eb719326f42df12e6e9955bd29a6f
- SHA512
  
  e0d3b2cac83ccc028ebf8f1c6895b9fee022793da2dd245122abaad61bdc22f007a438ace5d9477fb28e9f95fdede7410e8dbc075d08fcb70e6756b9dc2fb814
- SSDEEP
  
  393216:EyvPkkSDcyERxMyMfEhE3gY6L1UNSBMFI7wYerTSKiwj4lR5Sd4M0vncjCM:BkkQgssS3X6L1UJFgkf4lRwOT6
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2