e79b4ebc298104938b1dc8806c3fa6e4e0474614de4a305a707764399af75e6a | Triage

Sharing

General

Target

f824e7c25755f76125cbb0302ba6dca2
Size

155KB
Sample

231228-zxh85saca6
MD5

f824e7c25755f76125cbb0302ba6dca2
SHA1

819db84a0b34947f774a4371f2b71dffc6f48df2
SHA256

e79b4ebc298104938b1dc8806c3fa6e4e0474614de4a305a707764399af75e6a
SHA512

38bb9344ca0d6a392654f05fb6477f34926f37e51aca69dce98452d8206675f2a31ba321ee08ba9cfc9f4367e4a3b6a98644acd951fa46746480d1f52c13d75c
SSDEEP

3072:O75Mx7N8OoKH8naPibuAlcL8VzuIZY4LQu/9qgExQ2iSRB:bxjoKcaPCplcWzrZ7L7AgEae

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f824e7c25755f76125cbb0302ba6dca2
- Size
  
  155KB
- MD5
  
  f824e7c25755f76125cbb0302ba6dca2
- SHA1
  
  819db84a0b34947f774a4371f2b71dffc6f48df2
- SHA256
  
  e79b4ebc298104938b1dc8806c3fa6e4e0474614de4a305a707764399af75e6a
- SHA512
  
  38bb9344ca0d6a392654f05fb6477f34926f37e51aca69dce98452d8206675f2a31ba321ee08ba9cfc9f4367e4a3b6a98644acd951fa46746480d1f52c13d75c
- SSDEEP
  
  3072:O75Mx7N8OoKH8naPibuAlcL8VzuIZY4LQu/9qgExQ2iSRB:bxjoKcaPCplcWzrZ7L7AgEae
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2