e963c12bf3b1ee0edc47099a5dd88c2348c368719df71eba054d2f930840239d | Triage

Sharing

General

Target

1d4a924a3c08cc820a0dd0543a528d02
Size

40KB
Sample

231225-axa54abghm
MD5

1d4a924a3c08cc820a0dd0543a528d02
SHA1

05087a073ad9673ad88b173ff72be0c24db8c2bc
SHA256

e963c12bf3b1ee0edc47099a5dd88c2348c368719df71eba054d2f930840239d
SHA512

1ef310e2b251857d53dcc4830498aa6a47f95e7cf84cdcbfeb1ecd9aca464b3b8f672fcc23820ed0ed55a2b90bd4e6ededca3ee618ebcd6a0faeb6c2af421cd7
SSDEEP

384:0SBD9q934JbnoukusPW/6tusat4JEH1Vmu/pLTAlmQZzeT0pqfALXsKL+Nf:r9q93gbnoRus+/Sus47mv/cf

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1d4a924a3c08cc820a0dd0543a528d02
- Size
  
  40KB
- MD5
  
  1d4a924a3c08cc820a0dd0543a528d02
- SHA1
  
  05087a073ad9673ad88b173ff72be0c24db8c2bc
- SHA256
  
  e963c12bf3b1ee0edc47099a5dd88c2348c368719df71eba054d2f930840239d
- SHA512
  
  1ef310e2b251857d53dcc4830498aa6a47f95e7cf84cdcbfeb1ecd9aca464b3b8f672fcc23820ed0ed55a2b90bd4e6ededca3ee618ebcd6a0faeb6c2af421cd7
- SSDEEP
  
  384:0SBD9q934JbnoukusPW/6tusat4JEH1Vmu/pLTAlmQZzeT0pqfALXsKL+Nf:r9q93gbnoRus+/Sus47mv/cf
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2