ad102b4310a87f2ce8a8d74209bb9bdae59007db2f27364966557b314983ae9d | Triage

Sharing

General

Target

318446e9e543064300cba5260bfb5b04
Size

51KB
Sample

231225-v73y3sfbck
MD5

318446e9e543064300cba5260bfb5b04
SHA1

d0dd17ec8440fda0b814c3203475fe06a52d9f84
SHA256

ad102b4310a87f2ce8a8d74209bb9bdae59007db2f27364966557b314983ae9d
SHA512

ddebef82f2afbec81a460355f91fae3e288c117f41db883b1c8b3845d06f5f4976b0b187a32496d5edc0f6e115b04379f93069d956a760e24ed66e35f3b51b45
SSDEEP

1536:9gpkOfcl2H0P15sJdIPnKYvxkpjuQZL7tZlQ05vgkkNJt27X:9gpkOfcl2H0P15sJdIPnKYvx4dA05vSM

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  318446e9e543064300cba5260bfb5b04
- Size
  
  51KB
- MD5
  
  318446e9e543064300cba5260bfb5b04
- SHA1
  
  d0dd17ec8440fda0b814c3203475fe06a52d9f84
- SHA256
  
  ad102b4310a87f2ce8a8d74209bb9bdae59007db2f27364966557b314983ae9d
- SHA512
  
  ddebef82f2afbec81a460355f91fae3e288c117f41db883b1c8b3845d06f5f4976b0b187a32496d5edc0f6e115b04379f93069d956a760e24ed66e35f3b51b45
- SSDEEP
  
  1536:9gpkOfcl2H0P15sJdIPnKYvxkpjuQZL7tZlQ05vgkkNJt27X:9gpkOfcl2H0P15sJdIPnKYvx4dA05vSM
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2