f1a01cba3ce28ffb27d8b18f2b793ef02d0fb2e211fdda16f0c2e62b0a137b83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67470709a638df8f38bc8a55e76f83fc
Size

430KB
Sample

231222-fe873aedfm
MD5

67470709a638df8f38bc8a55e76f83fc
SHA1

50747e17a605afdf9a3ffeba5be5f7b597a04709
SHA256

f1a01cba3ce28ffb27d8b18f2b793ef02d0fb2e211fdda16f0c2e62b0a137b83
SHA512

6811dd26d6f390dddb875efd7a42efa37834bf5d6b1ca7375a6efeea439dd3135778b92264d7e4cbf8ef58335979f29bb52252d97df35d5c0abe4315fda633e3
SSDEEP

12288:ibee0PGl89WazvzkmMxM+ltxQMAn0Iv1b70ZSf24:2edGBazvZMHltxtIv1bUS+4

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  67470709a638df8f38bc8a55e76f83fc
- Size
  
  430KB
- MD5
  
  67470709a638df8f38bc8a55e76f83fc
- SHA1
  
  50747e17a605afdf9a3ffeba5be5f7b597a04709
- SHA256
  
  f1a01cba3ce28ffb27d8b18f2b793ef02d0fb2e211fdda16f0c2e62b0a137b83
- SHA512
  
  6811dd26d6f390dddb875efd7a42efa37834bf5d6b1ca7375a6efeea439dd3135778b92264d7e4cbf8ef58335979f29bb52252d97df35d5c0abe4315fda633e3
- SSDEEP
  
  12288:ibee0PGl89WazvzkmMxM+ltxQMAn0Iv1b70ZSf24:2edGBazvZMHltxtIv1bUS+4
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2