6b59a30ffbb59173a3e379802c5af63956a5db9de4449e54089b92279c97bb97 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

267d269bc2d169c80bfd00cac590ff24
Size

431KB
Sample

231225-r3nf2sche5
MD5

267d269bc2d169c80bfd00cac590ff24
SHA1

c4dc29015be3df9961248b162ac00e0d23c28648
SHA256

6b59a30ffbb59173a3e379802c5af63956a5db9de4449e54089b92279c97bb97
SHA512

af3c9f6c497d108ee0c81fa9e32cd7de992d8d457e4694834e84b72b0261535160efe78e9023d6fcd2d9771f7dc208be42a258e1786c4989b3d273eb8ce06c3e
SSDEEP

12288:n7/CbvBkSiu436qv618YBHkNBX6jMcyv+ug:n7abJkS1S6qy18sQBX6Yz+/

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  267d269bc2d169c80bfd00cac590ff24
- Size
  
  431KB
- MD5
  
  267d269bc2d169c80bfd00cac590ff24
- SHA1
  
  c4dc29015be3df9961248b162ac00e0d23c28648
- SHA256
  
  6b59a30ffbb59173a3e379802c5af63956a5db9de4449e54089b92279c97bb97
- SHA512
  
  af3c9f6c497d108ee0c81fa9e32cd7de992d8d457e4694834e84b72b0261535160efe78e9023d6fcd2d9771f7dc208be42a258e1786c4989b3d273eb8ce06c3e
- SSDEEP
  
  12288:n7/CbvBkSiu436qv618YBHkNBX6jMcyv+ug:n7abJkS1S6qy18sQBX6Yz+/
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2