c5b286a65a933f73927e8b7729db2a0f29317ea0ab58e771a7b19617f32557b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46cb47da604500fc6c597be261926c07
Size

180KB
Sample

240106-v2g5esebb4
MD5

46cb47da604500fc6c597be261926c07
SHA1

5c7fc7f69e12eca65fdff23b4a3e7b8676508009
SHA256

c5b286a65a933f73927e8b7729db2a0f29317ea0ab58e771a7b19617f32557b8
SHA512

a47170642d0c0eb7a283748b3f3430f3c767a77bb5cc17e6e5782eb89c77b3405ab0f19fdf871b937846dcff5ae3cf2e054e4888a8ac86ad1b5abb71cf115c46
SSDEEP

768:HcTkkrwLA6lMNYvZ+00LFdCCDZzoc+Z5HdewVLh1k5SQFqdKjCq0H5BdUf2jVYvz:2PMZV9jgSQydA2+hjgSQHgX

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  46cb47da604500fc6c597be261926c07
- Size
  
  180KB
- MD5
  
  46cb47da604500fc6c597be261926c07
- SHA1
  
  5c7fc7f69e12eca65fdff23b4a3e7b8676508009
- SHA256
  
  c5b286a65a933f73927e8b7729db2a0f29317ea0ab58e771a7b19617f32557b8
- SHA512
  
  a47170642d0c0eb7a283748b3f3430f3c767a77bb5cc17e6e5782eb89c77b3405ab0f19fdf871b937846dcff5ae3cf2e054e4888a8ac86ad1b5abb71cf115c46
- SSDEEP
  
  768:HcTkkrwLA6lMNYvZ+00LFdCCDZzoc+Z5HdewVLh1k5SQFqdKjCq0H5BdUf2jVYvz:2PMZV9jgSQydA2+hjgSQHgX
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2