65907c6254e30913a33ce9b71a1644d9730eff4b450a7aa6830e184ebfca76af | Triage

Sharing

General

Target

39668f1f623383d85e1b3fefa689ccd8
Size

430KB
Sample

231219-q5ljsshcck
MD5

39668f1f623383d85e1b3fefa689ccd8
SHA1

c19136d3fbd2848ae15530896c208ebb725e9d19
SHA256

65907c6254e30913a33ce9b71a1644d9730eff4b450a7aa6830e184ebfca76af
SHA512

d167991b38c3acd44ee4ec29e3cb26fb8f8ebe8a1e45f77046865e981d767b3dd0665d4663ac427d36945fa4538d7c34e3320abc4a8f5507bad7acf19c8c7392
SSDEEP

12288:ibee0PGl89WazvzkmMxM+ltxQMAn0Iv1b70ZSf2q:2edGBazvZMHltxtIv1bUS+q

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  39668f1f623383d85e1b3fefa689ccd8
- Size
  
  430KB
- MD5
  
  39668f1f623383d85e1b3fefa689ccd8
- SHA1
  
  c19136d3fbd2848ae15530896c208ebb725e9d19
- SHA256
  
  65907c6254e30913a33ce9b71a1644d9730eff4b450a7aa6830e184ebfca76af
- SHA512
  
  d167991b38c3acd44ee4ec29e3cb26fb8f8ebe8a1e45f77046865e981d767b3dd0665d4663ac427d36945fa4538d7c34e3320abc4a8f5507bad7acf19c8c7392
- SSDEEP
  
  12288:ibee0PGl89WazvzkmMxM+ltxQMAn0Iv1b70ZSf2q:2edGBazvZMHltxtIv1bUS+q
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2