13b93052bd3c21116341c45ca05d2906a6dac0cb0e33eeec50207c29a6c9cacc | Triage

Sharing

General

Target

10a1129f1d9006deaa71b13080c55cc3
Size

406KB
Sample

231224-y52j1sbdg6
MD5

10a1129f1d9006deaa71b13080c55cc3
SHA1

6379456b070afcc9c66a59caf61b74c6729975e7
SHA256

13b93052bd3c21116341c45ca05d2906a6dac0cb0e33eeec50207c29a6c9cacc
SHA512

4bcf981a94880597f011a2b15ef8d05f293bb4f947ae5f87672391cc66b295a6b4b08c38adf082323ae3032cfe9603ea8aa8df46dc0f0063de0546b2f0e55cfa
SSDEEP

12288:d9OvXfmfro5sQQBZRrUd09KuJqFqlAuA5Tq2Nob09:CvPmfro8BZRrUnqaJq2Nj

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  10a1129f1d9006deaa71b13080c55cc3
- Size
  
  406KB
- MD5
  
  10a1129f1d9006deaa71b13080c55cc3
- SHA1
  
  6379456b070afcc9c66a59caf61b74c6729975e7
- SHA256
  
  13b93052bd3c21116341c45ca05d2906a6dac0cb0e33eeec50207c29a6c9cacc
- SHA512
  
  4bcf981a94880597f011a2b15ef8d05f293bb4f947ae5f87672391cc66b295a6b4b08c38adf082323ae3032cfe9603ea8aa8df46dc0f0063de0546b2f0e55cfa
- SSDEEP
  
  12288:d9OvXfmfro5sQQBZRrUd09KuJqFqlAuA5Tq2Nob09:CvPmfro8BZRrUnqaJq2Nj
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2