4279cdf0874c8938e6af234bf408bba280faefb062a8669c2b2bb2558a884a1f | Triage

Sharing

General

Target

0ca1c7acbb934b798fd93fb5eb4aa0bc
Size

476KB
Sample

231230-dq343scfb9
MD5

0ca1c7acbb934b798fd93fb5eb4aa0bc
SHA1

86253c0bd521047ec012f68885be580cc9c4d82f
SHA256

4279cdf0874c8938e6af234bf408bba280faefb062a8669c2b2bb2558a884a1f
SHA512

31817f19eec863d3f1d96ec89159ae2eb5f6d054f7fc7f36d93ff4f16eda9ec3c296b1b8a72a35e288dd9b6528d04212e2b6bf6a87d86dae7393c8a3973bf7eb
SSDEEP

12288:TNodBiTI+TpTA6EZO7KUQRZ66z24VZbdrpgrXN2LWzmidN:ZoPD+TpT3vKU6Z66z24VZbFpgJ2LWzm+

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  0ca1c7acbb934b798fd93fb5eb4aa0bc
- Size
  
  476KB
- MD5
  
  0ca1c7acbb934b798fd93fb5eb4aa0bc
- SHA1
  
  86253c0bd521047ec012f68885be580cc9c4d82f
- SHA256
  
  4279cdf0874c8938e6af234bf408bba280faefb062a8669c2b2bb2558a884a1f
- SHA512
  
  31817f19eec863d3f1d96ec89159ae2eb5f6d054f7fc7f36d93ff4f16eda9ec3c296b1b8a72a35e288dd9b6528d04212e2b6bf6a87d86dae7393c8a3973bf7eb
- SSDEEP
  
  12288:TNodBiTI+TpTA6EZO7KUQRZ66z24VZbdrpgrXN2LWzmidN:ZoPD+TpT3vKU6Z66z24VZbFpgJ2LWzm+
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2