79e41d9ca44c3c2b46d10fb59ddc1a93ce75963839fa1836688dad42a709aa44 | Triage

Sharing

General

Target

5c82842c942e6c26adaf51fc85f9da84
Size

15KB
Sample

231226-jalgzsbhbl
MD5

5c82842c942e6c26adaf51fc85f9da84
SHA1

713854a463d7239ce0f239e6b915b72a2dfca272
SHA256

79e41d9ca44c3c2b46d10fb59ddc1a93ce75963839fa1836688dad42a709aa44
SHA512

3722fc8881434379cbfc2e721ee22aa8318d801c33fe645f03344c689ec015468da7cfe0afc76d6bd90296926ddb1fbc685c4b90809d84b46c78c8627ec1d8fc
SSDEEP

384:05TuJj+wS7VYcvqbqQ7ARjSovhx8aJZLB6:1iHqf7bovPtr

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5c82842c942e6c26adaf51fc85f9da84
- Size
  
  15KB
- MD5
  
  5c82842c942e6c26adaf51fc85f9da84
- SHA1
  
  713854a463d7239ce0f239e6b915b72a2dfca272
- SHA256
  
  79e41d9ca44c3c2b46d10fb59ddc1a93ce75963839fa1836688dad42a709aa44
- SHA512
  
  3722fc8881434379cbfc2e721ee22aa8318d801c33fe645f03344c689ec015468da7cfe0afc76d6bd90296926ddb1fbc685c4b90809d84b46c78c8627ec1d8fc
- SSDEEP
  
  384:05TuJj+wS7VYcvqbqQ7ARjSovhx8aJZLB6:1iHqf7bovPtr
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2