78c54cc8b715332f1a6a2b34b8e424ba8b6161d4c37cccaf6c5a60dfcb0bffa7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

027fdc004a13aa5970010511a465b2dc
Size

702KB
Sample

231225-dtrv8aabd3
MD5

027fdc004a13aa5970010511a465b2dc
SHA1

fdb80bb888e8aaca4fd8aee3124bae4fcdc361ca
SHA256

78c54cc8b715332f1a6a2b34b8e424ba8b6161d4c37cccaf6c5a60dfcb0bffa7
SHA512

a71a0f9b7ad74a3e436452bd4753dcb6b59ab2eff5c20ce542a9723592cf201103129198880eff844b35b9dd0bd7896945cbf22513112951137c0a3eda2f9e5e
SSDEEP

12288:iJthxbxnVZ+ytqXRCW4srjhMJTfLMgdLkT3G/YTcs6YfnFmI4MxSva2iDHkA679:iHJnFtGRZ4shOfLpoTcwlFsvukTR

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  027fdc004a13aa5970010511a465b2dc
- Size
  
  702KB
- MD5
  
  027fdc004a13aa5970010511a465b2dc
- SHA1
  
  fdb80bb888e8aaca4fd8aee3124bae4fcdc361ca
- SHA256
  
  78c54cc8b715332f1a6a2b34b8e424ba8b6161d4c37cccaf6c5a60dfcb0bffa7
- SHA512
  
  a71a0f9b7ad74a3e436452bd4753dcb6b59ab2eff5c20ce542a9723592cf201103129198880eff844b35b9dd0bd7896945cbf22513112951137c0a3eda2f9e5e
- SSDEEP
  
  12288:iJthxbxnVZ+ytqXRCW4srjhMJTfLMgdLkT3G/YTcs6YfnFmI4MxSva2iDHkA679:iHJnFtGRZ4shOfLpoTcwlFsvukTR
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2