c2565c7a6e4e8b27dd49a1f8fcb32dd26f1e6e8aebbb40dfc72e084c240270e2 | Triage

Sharing

General

Target

080a0b69cbbf5b3714327dde30cc30a3
Size

460KB
Sample

231230-afas1ageb3
MD5

080a0b69cbbf5b3714327dde30cc30a3
SHA1

43cfc750efa4c93cf44130bf6505ef360647971c
SHA256

c2565c7a6e4e8b27dd49a1f8fcb32dd26f1e6e8aebbb40dfc72e084c240270e2
SHA512

2a6bf6524ae10ce4b32047082f2c94e7d19e59bdffec2e28824dcb1da6228bf49830162838bd2236f4f91ebd1f493f0e8fbcf9d36167701e2253871a9fcbd731
SSDEEP

12288:W22ALSjAxYk7ce+n7pQR9dtSamzHT7q6j:oZAxZf+n7qzSamzHy6j

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  080a0b69cbbf5b3714327dde30cc30a3
- Size
  
  460KB
- MD5
  
  080a0b69cbbf5b3714327dde30cc30a3
- SHA1
  
  43cfc750efa4c93cf44130bf6505ef360647971c
- SHA256
  
  c2565c7a6e4e8b27dd49a1f8fcb32dd26f1e6e8aebbb40dfc72e084c240270e2
- SHA512
  
  2a6bf6524ae10ce4b32047082f2c94e7d19e59bdffec2e28824dcb1da6228bf49830162838bd2236f4f91ebd1f493f0e8fbcf9d36167701e2253871a9fcbd731
- SSDEEP
  
  12288:W22ALSjAxYk7ce+n7pQR9dtSamzHT7q6j:oZAxZf+n7qzSamzHy6j
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2