cd4f6b784e998bb2d3a466a4c5c851338d640ac3fe12e2dac5bcffd23cae665d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12e2e3896b34c59c90b436e3245d80ff
Size

42KB
Sample

231230-jw3cmafeel
MD5

12e2e3896b34c59c90b436e3245d80ff
SHA1

764b2be5323ef6f66cf2614d4a6f50a2f0a85691
SHA256

cd4f6b784e998bb2d3a466a4c5c851338d640ac3fe12e2dac5bcffd23cae665d
SHA512

e85c69ebd8b00e717e46aa66cc5a24bb0e0a21df05414e44b4abc054dbc8e0df769541afb80a5b05ef59a7745e672b90bcfe329fdcb99b7e6b946f3a84458dce
SSDEEP

768:cHwPmlu0S9A/e8xCJr3SEr8xo1pKDElDhIUfWK2LKZ2NxCXCJGD34SXeeP:c6mIh9AW8xCoQ8xMYDElDai2NYyehtP

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  12e2e3896b34c59c90b436e3245d80ff
- Size
  
  42KB
- MD5
  
  12e2e3896b34c59c90b436e3245d80ff
- SHA1
  
  764b2be5323ef6f66cf2614d4a6f50a2f0a85691
- SHA256
  
  cd4f6b784e998bb2d3a466a4c5c851338d640ac3fe12e2dac5bcffd23cae665d
- SHA512
  
  e85c69ebd8b00e717e46aa66cc5a24bb0e0a21df05414e44b4abc054dbc8e0df769541afb80a5b05ef59a7745e672b90bcfe329fdcb99b7e6b946f3a84458dce
- SSDEEP
  
  768:cHwPmlu0S9A/e8xCJr3SEr8xo1pKDElDhIUfWK2LKZ2NxCXCJGD34SXeeP:c6mIh9AW8xCoQ8xMYDElDai2NYyehtP
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2