cbe595750d217c3e883dfbbf7887f8c0f2e02f8664d3ac0c7893b7d9770f894b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49ad20efccb56332bf6b1abea1809da0
Size

253KB
Sample

240107-y5gvlsdfen
MD5

49ad20efccb56332bf6b1abea1809da0
SHA1

11b98f7be070effa40df425c29d661b2edf0ce9e
SHA256

cbe595750d217c3e883dfbbf7887f8c0f2e02f8664d3ac0c7893b7d9770f894b
SHA512

727eed50e18118bd01104f8e9c1e3620936c34b98ed5b143083cb38fc1056aca4f089cc550582d93ef2bc8da1f7d4f2d6d776424f749ba38464bd1f733a4bfad
SSDEEP

6144:o68i3odBiTl2+TCU/8k8rk8KfQlmhuhuq:TNodBiTI+Tp8zA6Yur

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  49ad20efccb56332bf6b1abea1809da0
- Size
  
  253KB
- MD5
  
  49ad20efccb56332bf6b1abea1809da0
- SHA1
  
  11b98f7be070effa40df425c29d661b2edf0ce9e
- SHA256
  
  cbe595750d217c3e883dfbbf7887f8c0f2e02f8664d3ac0c7893b7d9770f894b
- SHA512
  
  727eed50e18118bd01104f8e9c1e3620936c34b98ed5b143083cb38fc1056aca4f089cc550582d93ef2bc8da1f7d4f2d6d776424f749ba38464bd1f733a4bfad
- SSDEEP
  
  6144:o68i3odBiTl2+TCU/8k8rk8KfQlmhuhuq:TNodBiTI+Tp8zA6Yur
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2