e1fec9ab4edeebf18f730324683a84529c9a4976abf86ba8803e22ef6c551025 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LadonStudy.exe
Size

967KB
Sample

231104-ggdplscg2w
MD5

6153ce694983cf7e1c12e875d944e7e7
SHA1

43c27f212a012fbaf93c8f42bec82981a7bfd0ab
SHA256

e1fec9ab4edeebf18f730324683a84529c9a4976abf86ba8803e22ef6c551025
SHA512

9a2859be5f6a851bc0736e45a99c2c4cbcaa9e591e2ef38077402bb00945b630bf266f361f7082d8e8ade7591d20d3c6942f5a2d6594a8063f01b05af5e6d00d
SSDEEP

24576:dIPAoN9Y+p2/uFEm6NRKRprg9QrE5olfTNILMh:yos9No39NRKRpr9E+lfTN0

Score

7^/10

Malware Config

Targets

- Target
  
  LadonStudy.exe
- Size
  
  967KB
- MD5
  
  6153ce694983cf7e1c12e875d944e7e7
- SHA1
  
  43c27f212a012fbaf93c8f42bec82981a7bfd0ab
- SHA256
  
  e1fec9ab4edeebf18f730324683a84529c9a4976abf86ba8803e22ef6c551025
- SHA512
  
  9a2859be5f6a851bc0736e45a99c2c4cbcaa9e591e2ef38077402bb00945b630bf266f361f7082d8e8ade7591d20d3c6942f5a2d6594a8063f01b05af5e6d00d
- SSDEEP
  
  24576:dIPAoN9Y+p2/uFEm6NRKRprg9QrE5olfTNILMh:yos9No39NRKRpr9E+lfTN0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2