e13aba2963594cf98fc61b629c8ec8da5ca17c45abc97a6fb897a5474873a4b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d417d1e6264b5c51f1968ef90f57949
Size

297KB
Sample

231226-c5rtxsbcd7
MD5

4d417d1e6264b5c51f1968ef90f57949
SHA1

56ff99a7549e716b9fa84423dc02b9ab570905c3
SHA256

e13aba2963594cf98fc61b629c8ec8da5ca17c45abc97a6fb897a5474873a4b1
SHA512

51964c7f0114d8e097f4fe4c9922493f3379d8e4538b64bda14b1f7ead4955e0eca796c0fed21744696cd4d88dfe1b71cf72d3897891a1130b4ecb110bcd3b31
SSDEEP

6144:tcWMJJhqryYP/AarB8JZAWLXPIbgVLA3B1YajIuwkFzcz7CfcREdmNPr9MG/:tczJJhqrVPYhAWbYJnYajIEgzumEQNTB

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4d417d1e6264b5c51f1968ef90f57949
- Size
  
  297KB
- MD5
  
  4d417d1e6264b5c51f1968ef90f57949
- SHA1
  
  56ff99a7549e716b9fa84423dc02b9ab570905c3
- SHA256
  
  e13aba2963594cf98fc61b629c8ec8da5ca17c45abc97a6fb897a5474873a4b1
- SHA512
  
  51964c7f0114d8e097f4fe4c9922493f3379d8e4538b64bda14b1f7ead4955e0eca796c0fed21744696cd4d88dfe1b71cf72d3897891a1130b4ecb110bcd3b31
- SSDEEP
  
  6144:tcWMJJhqryYP/AarB8JZAWLXPIbgVLA3B1YajIuwkFzcz7CfcREdmNPr9MG/:tczJJhqrVPYhAWbYJnYajIEgzumEQNTB
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2