a4266e47fd1b17b91b44a4a2f258ec1e292f2d16315ff8020c1242f2c14b0688 | Triage

Sharing

General

Target

248980536e8aaddc4f5cd23e285d5b9a
Size

365KB
Sample

231231-czj7wsffck
MD5

248980536e8aaddc4f5cd23e285d5b9a
SHA1

ec027dfb1e5ec87dd4f9f8069fbf932229034051
SHA256

a4266e47fd1b17b91b44a4a2f258ec1e292f2d16315ff8020c1242f2c14b0688
SHA512

4befdf49ce2f54d086dc158e67906d157fd97934d8277b5d633d3e2db788647ee73edc620c1f92ca7d59f054ec936dbb3af734b6973eeda311cd8041610cdc1d
SSDEEP

6144:yPs5yw65yeVG/nYYcptk30fgZpKj6OxcQp7pQR1O:NghHVwYZ2QmO1W1O

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  248980536e8aaddc4f5cd23e285d5b9a
- Size
  
  365KB
- MD5
  
  248980536e8aaddc4f5cd23e285d5b9a
- SHA1
  
  ec027dfb1e5ec87dd4f9f8069fbf932229034051
- SHA256
  
  a4266e47fd1b17b91b44a4a2f258ec1e292f2d16315ff8020c1242f2c14b0688
- SHA512
  
  4befdf49ce2f54d086dc158e67906d157fd97934d8277b5d633d3e2db788647ee73edc620c1f92ca7d59f054ec936dbb3af734b6973eeda311cd8041610cdc1d
- SSDEEP
  
  6144:yPs5yw65yeVG/nYYcptk30fgZpKj6OxcQp7pQR1O:NghHVwYZ2QmO1W1O
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2