fb86811d324bb2157613d3924693bb1686588805c4d3ddbe7ce3d60e05150331 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

578ba60a653e8a60e2eebb345ea314a4
Size

34KB
Sample

240113-a529jsghdm
MD5

578ba60a653e8a60e2eebb345ea314a4
SHA1

ab2379819c820fb56468ec249ad924e034771680
SHA256

fb86811d324bb2157613d3924693bb1686588805c4d3ddbe7ce3d60e05150331
SHA512

1abba561a1fe7c18cd5fdd052144d216a72717caf1981c077a11e46786b5ff7abf99307ff3b709187d36e17d5ba36bd44678080df357be56d878151ebfd8edcd
SSDEEP

768:zSAQonWy9JTfyar4+YLle/gvsa7SXcclpFgbp4ev18ueCwCk:zrNWynTaeYLleESFFgdDv18ublk

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  578ba60a653e8a60e2eebb345ea314a4
- Size
  
  34KB
- MD5
  
  578ba60a653e8a60e2eebb345ea314a4
- SHA1
  
  ab2379819c820fb56468ec249ad924e034771680
- SHA256
  
  fb86811d324bb2157613d3924693bb1686588805c4d3ddbe7ce3d60e05150331
- SHA512
  
  1abba561a1fe7c18cd5fdd052144d216a72717caf1981c077a11e46786b5ff7abf99307ff3b709187d36e17d5ba36bd44678080df357be56d878151ebfd8edcd
- SSDEEP
  
  768:zSAQonWy9JTfyar4+YLle/gvsa7SXcclpFgbp4ev18ueCwCk:zrNWynTaeYLleESFFgdDv18ublk
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2