39f2de7559be9bbe9d658d31bd59ff24f0d2b339392cbeef0bd3b7c7da24100e | Triage

Sharing

General

Target

59b9e44a7d7885a723c71a78a362edf5
Size

35KB
Sample

240113-3tsvysgbhj
MD5

59b9e44a7d7885a723c71a78a362edf5
SHA1

19b4706f57bf8bf20d26b11682aef58aad522aa3
SHA256

39f2de7559be9bbe9d658d31bd59ff24f0d2b339392cbeef0bd3b7c7da24100e
SHA512

36b140ce8f2a5b75768bf0f3acbb837fa4a17958ca86f7ab5000da717df2cc46f30dfa973251b9ba3aeff9001506b06f09401b0394ce8c149643227c4eadffec
SSDEEP

768:CXNlj0yT2iXWza/fjqUjIg94qQtkVMCnO8yE+k/YLwazqbWY:Y10IjvIg9fQtkCCnO1k/YLET

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  59b9e44a7d7885a723c71a78a362edf5
- Size
  
  35KB
- MD5
  
  59b9e44a7d7885a723c71a78a362edf5
- SHA1
  
  19b4706f57bf8bf20d26b11682aef58aad522aa3
- SHA256
  
  39f2de7559be9bbe9d658d31bd59ff24f0d2b339392cbeef0bd3b7c7da24100e
- SHA512
  
  36b140ce8f2a5b75768bf0f3acbb837fa4a17958ca86f7ab5000da717df2cc46f30dfa973251b9ba3aeff9001506b06f09401b0394ce8c149643227c4eadffec
- SSDEEP
  
  768:CXNlj0yT2iXWza/fjqUjIg94qQtkVMCnO8yE+k/YLwazqbWY:Y10IjvIg9fQtkCCnO1k/YLET
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2