7280847be808f2f89741e931900fc8836e9760b056e0cc192fe24fa8114439af | Triage

Sharing

General

Target

17990ef819b76de43eb19ee4889e4678
Size

19KB
Sample

231225-mmrrbagcd7
MD5

17990ef819b76de43eb19ee4889e4678
SHA1

4e0fc13a50ef08c6d60ac12ab168d745c1926307
SHA256

7280847be808f2f89741e931900fc8836e9760b056e0cc192fe24fa8114439af
SHA512

1eaf68a7706af74ea05457f1e16ae44b7d5adafeb563a8ec94ad48a6966d704f8f971f48bacec9c4a70bc76b8e0bac1918a368e0edebf3984de0ac9396c88517
SSDEEP

384:IQkBeLas8Qj7f0gsLgdWxXmUCiRNWWBEHVEoOyG6tL3N8XE44bWH:IQ6Iasr7Scd0mHfOyG6VNmL4g

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  17990ef819b76de43eb19ee4889e4678
- Size
  
  19KB
- MD5
  
  17990ef819b76de43eb19ee4889e4678
- SHA1
  
  4e0fc13a50ef08c6d60ac12ab168d745c1926307
- SHA256
  
  7280847be808f2f89741e931900fc8836e9760b056e0cc192fe24fa8114439af
- SHA512
  
  1eaf68a7706af74ea05457f1e16ae44b7d5adafeb563a8ec94ad48a6966d704f8f971f48bacec9c4a70bc76b8e0bac1918a368e0edebf3984de0ac9396c88517
- SSDEEP
  
  384:IQkBeLas8Qj7f0gsLgdWxXmUCiRNWWBEHVEoOyG6tL3N8XE44bWH:IQ6Iasr7Scd0mHfOyG6VNmL4g
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2