50242b91f24c282bd51c8f742f19176e3054fc38a6413ede37f70fd5cd7eb13d | Triage

Sharing

General

Target

54386e1ef991a60bda98b305feadc678
Size

110KB
Sample

240111-wr2xhsdecj
MD5

54386e1ef991a60bda98b305feadc678
SHA1

892125075d550437a3c5b28de2d1b37370b0762e
SHA256

50242b91f24c282bd51c8f742f19176e3054fc38a6413ede37f70fd5cd7eb13d
SHA512

0902d4d8eef6857cd0b65cdad6c9545fd18baabca50a9ef716a5fd14780fee501bbb25469474c36b1d34c5731193a4106cde05670058f92917710851b6731e50
SSDEEP

3072:wXzNDOJ6EnxF4TQIbpM+9Jut5BLnWDsD27n2:wDNhOxF4cIbJXut5BjWD4F

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  54386e1ef991a60bda98b305feadc678
- Size
  
  110KB
- MD5
  
  54386e1ef991a60bda98b305feadc678
- SHA1
  
  892125075d550437a3c5b28de2d1b37370b0762e
- SHA256
  
  50242b91f24c282bd51c8f742f19176e3054fc38a6413ede37f70fd5cd7eb13d
- SHA512
  
  0902d4d8eef6857cd0b65cdad6c9545fd18baabca50a9ef716a5fd14780fee501bbb25469474c36b1d34c5731193a4106cde05670058f92917710851b6731e50
- SSDEEP
  
  3072:wXzNDOJ6EnxF4TQIbpM+9Jut5BLnWDsD27n2:wDNhOxF4cIbJXut5BjWD4F
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2