77fa36a9970840a795705de0305770d33c0b521dc39042249e3f2ef43757654d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7978359243f69fd9d9a67d338af6540c
Size

4.0MB
Sample

231226-s2yq3adfem
MD5

7978359243f69fd9d9a67d338af6540c
SHA1

6b75f1747926b99d06c071ac64e03bc29e853d7d
SHA256

77fa36a9970840a795705de0305770d33c0b521dc39042249e3f2ef43757654d
SHA512

62e3f9a3b07872d8ff058c7eaaaf172e1cc2596f56daa4ed5d1b24955a3cce0c415a121688d5542a3b94034de5d34429a7f939461813001d0f213d932a2cb6bf
SSDEEP

3072:qix5XnHSNwVR6vW6nNQAUrTrogAaU/eTQyBnykmNsNl0viuxzO/B5ukD:qiTXuKUn2X5A2tyfDvMr

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7978359243f69fd9d9a67d338af6540c
- Size
  
  4.0MB
- MD5
  
  7978359243f69fd9d9a67d338af6540c
- SHA1
  
  6b75f1747926b99d06c071ac64e03bc29e853d7d
- SHA256
  
  77fa36a9970840a795705de0305770d33c0b521dc39042249e3f2ef43757654d
- SHA512
  
  62e3f9a3b07872d8ff058c7eaaaf172e1cc2596f56daa4ed5d1b24955a3cce0c415a121688d5542a3b94034de5d34429a7f939461813001d0f213d932a2cb6bf
- SSDEEP
  
  3072:qix5XnHSNwVR6vW6nNQAUrTrogAaU/eTQyBnykmNsNl0viuxzO/B5ukD:qiTXuKUn2X5A2tyfDvMr
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2