2235290b1ef78b3417ef56c6d40edb4a8143bb1a4d241411f1ee3e3f631eb726 | Triage

Sharing

General

Target

54e774a831ae65d320a56309b2031571
Size

173KB
Sample

240111-3qrtgsagak
MD5

54e774a831ae65d320a56309b2031571
SHA1

c1a900133243bfc8b5197577be45514a310a063c
SHA256

2235290b1ef78b3417ef56c6d40edb4a8143bb1a4d241411f1ee3e3f631eb726
SHA512

63340f9267b04cf186167892a77f204ca760c21ef65006039ae6c17058ba23bd90f092275ccd2e9f9d7904dc06b89384485d4fcefd98d451fcb8222d9d7b0f93
SSDEEP

3072:q9tuNgbNR5Z9V9wyN6SZhk7wj5ZBmrntdqDpFau6WVUu2A4k16Jw/:VNgbz5x9wyN6SZC7S5ZBmrLqdFmch4zw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  54e774a831ae65d320a56309b2031571
- Size
  
  173KB
- MD5
  
  54e774a831ae65d320a56309b2031571
- SHA1
  
  c1a900133243bfc8b5197577be45514a310a063c
- SHA256
  
  2235290b1ef78b3417ef56c6d40edb4a8143bb1a4d241411f1ee3e3f631eb726
- SHA512
  
  63340f9267b04cf186167892a77f204ca760c21ef65006039ae6c17058ba23bd90f092275ccd2e9f9d7904dc06b89384485d4fcefd98d451fcb8222d9d7b0f93
- SSDEEP
  
  3072:q9tuNgbNR5Z9V9wyN6SZhk7wj5ZBmrntdqDpFau6WVUu2A4k16Jw/:VNgbz5x9wyN6SZC7S5ZBmrLqdFmch4zw
Score

8^/10

persistence
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2