7dd272af0224452794da59ff2662db3cd1acafc9d0ed39c299aebd1e832dfc8f | Triage

Sharing

General

Target

f7f516b14fc134392b625790c2ec7547
Size

31KB
Sample

231228-zvf11aeeer
MD5

f7f516b14fc134392b625790c2ec7547
SHA1

deca895d934f4621817c817f8f6b8d1d581bc994
SHA256

7dd272af0224452794da59ff2662db3cd1acafc9d0ed39c299aebd1e832dfc8f
SHA512

e650b34fa87264015e7d525dad6120f27cffd04fb0b36d701a5b505b7df910cf3e3e27da52224eeb313d783c9f9491833690373a43b0cc561aec06f2a5c4571b
SSDEEP

768:O0ZROEMiH6PjpFwDLmkN585Nceu/CeuVIa5JWAEIdL:n6jiHwwDykNqNIaGAEy

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f7f516b14fc134392b625790c2ec7547
- Size
  
  31KB
- MD5
  
  f7f516b14fc134392b625790c2ec7547
- SHA1
  
  deca895d934f4621817c817f8f6b8d1d581bc994
- SHA256
  
  7dd272af0224452794da59ff2662db3cd1acafc9d0ed39c299aebd1e832dfc8f
- SHA512
  
  e650b34fa87264015e7d525dad6120f27cffd04fb0b36d701a5b505b7df910cf3e3e27da52224eeb313d783c9f9491833690373a43b0cc561aec06f2a5c4571b
- SSDEEP
  
  768:O0ZROEMiH6PjpFwDLmkN585Nceu/CeuVIa5JWAEIdL:n6jiHwwDykNqNIaGAEy
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2