38d46876704f3ec402e64080559d60dda3895e1e9fc463217aad4de37f2463c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e28f7988213386570c50b00d7518fc2
Size

391KB
Sample

240109-nejw6sgaer
MD5

4e28f7988213386570c50b00d7518fc2
SHA1

e399a2baac0743f215eda9b184a92b8d4a60e563
SHA256

38d46876704f3ec402e64080559d60dda3895e1e9fc463217aad4de37f2463c3
SHA512

1f74bd975c4c87635f2de5a2d24a946160609c4c1ed74d122b34221c9eec9793705fbe1a4717b6c1cb8e0ec0d20e408ee5d5bb974cad51f25138270b281e97bf
SSDEEP

12288:uEhh5//k/ufkK5UcHoPrpbQjMcmdA6Viac:uw5/8uDmcHoPrpGsdA6Ve

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4e28f7988213386570c50b00d7518fc2
- Size
  
  391KB
- MD5
  
  4e28f7988213386570c50b00d7518fc2
- SHA1
  
  e399a2baac0743f215eda9b184a92b8d4a60e563
- SHA256
  
  38d46876704f3ec402e64080559d60dda3895e1e9fc463217aad4de37f2463c3
- SHA512
  
  1f74bd975c4c87635f2de5a2d24a946160609c4c1ed74d122b34221c9eec9793705fbe1a4717b6c1cb8e0ec0d20e408ee5d5bb974cad51f25138270b281e97bf
- SSDEEP
  
  12288:uEhh5//k/ufkK5UcHoPrpbQjMcmdA6Viac:uw5/8uDmcHoPrpGsdA6Ve
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2