29d6cc5359edb9b0e33c13dbc9db1c8d5defc0eb76c78cc77b6e941fcb202452 | Triage

Sharing

General

Target

05d269bf444039a67a4f672c3f3e8add
Size

1.0MB
Sample

231225-fccq3shfbl
MD5

05d269bf444039a67a4f672c3f3e8add
SHA1

b477973cfa7b35ab7b757be6f1ea691ea73912d0
SHA256

29d6cc5359edb9b0e33c13dbc9db1c8d5defc0eb76c78cc77b6e941fcb202452
SHA512

dabfc2f0fc57d7813786f1861b1d4f09e80b538b89943b9dbb8ae3324e8e8f94b387dfabf22fcec9545fd2117640086c9698141c1f18f4f31b17bfc3669c91c3
SSDEEP

24576:TWfAedhvZ95Paor1WmDQT3DsZq7iHEPT02NNeiNCA7mY0:T0vZ95PvWR7wdEjNC

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  05d269bf444039a67a4f672c3f3e8add
- Size
  
  1.0MB
- MD5
  
  05d269bf444039a67a4f672c3f3e8add
- SHA1
  
  b477973cfa7b35ab7b757be6f1ea691ea73912d0
- SHA256
  
  29d6cc5359edb9b0e33c13dbc9db1c8d5defc0eb76c78cc77b6e941fcb202452
- SHA512
  
  dabfc2f0fc57d7813786f1861b1d4f09e80b538b89943b9dbb8ae3324e8e8f94b387dfabf22fcec9545fd2117640086c9698141c1f18f4f31b17bfc3669c91c3
- SSDEEP
  
  24576:TWfAedhvZ95Paor1WmDQT3DsZq7iHEPT02NNeiNCA7mY0:T0vZ95PvWR7wdEjNC
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2