03c624fea61dd78381058ac1072dec2a40272bd0c200600fad853adcf19a8367 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31d1ca9377b19e95f857b58af625fb9b
Size

433KB
Sample

231225-wapwmahed6
MD5

31d1ca9377b19e95f857b58af625fb9b
SHA1

12de4c5d6bd5a2c891fcf8e3f90380e0407f0a9b
SHA256

03c624fea61dd78381058ac1072dec2a40272bd0c200600fad853adcf19a8367
SHA512

9c007c3242fb0e829567905c627c16ef8ace8ac372ab18bdf863b0ef0f16ee6e50fb3432aabd383da7bae7dc6192f1d10898b6d4c92d2652f933f0464020c57a
SSDEEP

6144:Hmu5N1g6PNzPfD/rlSS7eyxtMWn8f2ljtrMn2I6ZrZoBndeY+sQJnmXACiw2cUoQ:GMjfD3LxmC5j5iTk1oBoYqnmwCWc7152

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  Iniuria v1.7.9/Iniuria.dll
- Size
  
  316KB
- MD5
  
  0e7957480475284d355dd470c20259b9
- SHA1
  
  4f268ed2cd14dffec87dac797e30387463f6a26d
- SHA256
  
  f4ca82b306bd9a3b131f0fde806bc7c66d2506c34d8c5a9e70a0621b60dd7a0e
- SHA512
  
  c5e78925ce9b4cd5f2bb60015a363e0168d917025828ceeece12320b8500e11fa3a35c04f6287e165497dff2fa35bd7daf777f86ff04ed032ef54ed507b2c53d
- SSDEEP
  
  6144:4/i70ZNXtm8xLjOsWq+aR2p1xAOcIDGIAR:wPxLj5d2BdDaR
Score

1^/10
behavioral1 behavioral2
- Target
  
  Iniuria v1.7.9/Iniuria.exe
- Size
  
  339KB
- MD5
  
  d82dfa04d8d740c83ec335f52dfd3f70
- SHA1
  
  a23d5d6bc3ff6f2dd52f81654068e64154757968
- SHA256
  
  c9fb7cf76de669df51c0105e76108ba83041f41407d636b7072e80639fae8e4d
- SHA512
  
  250265e7d735ce0bcb6ba4fa14f23c155b8331ecca13c0d71c5082769f3bbca0bd52aaafa3f5f7197814d97a8bb52c2e5367627a95bff68a477718390258a8f3
- SSDEEP
  
  6144:mTfFDbRnOTrbpr4n2I6ZrZoBndeYWsQJLc4uiS2ezjuFLrUbkEVYC5hn:E5Ox+Tk1oBoYiPxUutC55
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4