3304ed03187f1c6db5247634438c9196e6436cfa381623bf9d04dcd154776cbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06804a691ed3a89ba37374d43d9836d6
Size

35KB
Sample

231229-24kfwsegf5
MD5

06804a691ed3a89ba37374d43d9836d6
SHA1

f99f7760e6ea2bbf2deedccbcc4b0ef8ec76bbab
SHA256

3304ed03187f1c6db5247634438c9196e6436cfa381623bf9d04dcd154776cbd
SHA512

faacdda6cdadc4636814e8fdab2ae289c4ba881cf41c16e19c6dbfc9650a2d0c9abf232a2bacd2416869a06b21e4f2a1881de7abe952bc552b2e822678c60ffd
SSDEEP

768:YDF+upAlryin6OX6L5ixxV/lApKZrXfANLAEjjNOxRdermzCPX3oY:YDQup4dX6L5sxFZrXoNEMhOxveCE3l

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  06804a691ed3a89ba37374d43d9836d6
- Size
  
  35KB
- MD5
  
  06804a691ed3a89ba37374d43d9836d6
- SHA1
  
  f99f7760e6ea2bbf2deedccbcc4b0ef8ec76bbab
- SHA256
  
  3304ed03187f1c6db5247634438c9196e6436cfa381623bf9d04dcd154776cbd
- SHA512
  
  faacdda6cdadc4636814e8fdab2ae289c4ba881cf41c16e19c6dbfc9650a2d0c9abf232a2bacd2416869a06b21e4f2a1881de7abe952bc552b2e822678c60ffd
- SSDEEP
  
  768:YDF+upAlryin6OX6L5ixxV/lApKZrXfANLAEjjNOxRdermzCPX3oY:YDQup4dX6L5sxFZrXoNEMhOxveCE3l
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2