dc95d2b295f0d8ec9fc058112be1e2b816b61aaf633d1f3c2aed8834233ae806 | Triage

Sharing

General

Target

053d684fe06242554321e78d0c90e351
Size

650KB
Sample

231229-129sbsbcdr
MD5

053d684fe06242554321e78d0c90e351
SHA1

c50bff9839f1d0eb410c30de4c6f6f820b2e1bd0
SHA256

dc95d2b295f0d8ec9fc058112be1e2b816b61aaf633d1f3c2aed8834233ae806
SHA512

f4db6aecb06081120323f4c693c0bc9516dc618a11815f3fd73deb74df44bf071dd690ccb75eb84a15cff03c070d7f3e63fbc2429b9f088b9c5eab70e0032ca5
SSDEEP

12288:pht3PvP+Vb+6qmn9hlmcAdwcl8ogDQA8C6AmkOAGEHCoVaZkK:p7ur9DqBDg8XemkvGEHkv

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  053d684fe06242554321e78d0c90e351
- Size
  
  650KB
- MD5
  
  053d684fe06242554321e78d0c90e351
- SHA1
  
  c50bff9839f1d0eb410c30de4c6f6f820b2e1bd0
- SHA256
  
  dc95d2b295f0d8ec9fc058112be1e2b816b61aaf633d1f3c2aed8834233ae806
- SHA512
  
  f4db6aecb06081120323f4c693c0bc9516dc618a11815f3fd73deb74df44bf071dd690ccb75eb84a15cff03c070d7f3e63fbc2429b9f088b9c5eab70e0032ca5
- SSDEEP
  
  12288:pht3PvP+Vb+6qmn9hlmcAdwcl8ogDQA8C6AmkOAGEHCoVaZkK:p7ur9DqBDg8XemkvGEHkv
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2