9e0f7769b06ecf03ba7db163afd3b4b59753c8cf184bf6818629b0ee95f7da12 | Triage

Sharing

General

Target

67cf8c779974acf40ea1f7c8bdcbcdae
Size

28KB
Sample

240119-rese4agac8
MD5

67cf8c779974acf40ea1f7c8bdcbcdae
SHA1

729ec1e6947fe90ef98cd13ef997755b2b040355
SHA256

9e0f7769b06ecf03ba7db163afd3b4b59753c8cf184bf6818629b0ee95f7da12
SHA512

8a5d250ddcd40220b50943d213a18420147584bc66f2709a2bafcfa6fd56ce2b9b408a2b1ff3cb5b701781a782750be76af6b210ba6d217e8e49eb603a0f1ea9
SSDEEP

768:qlZcWo8ehlBwnZIj42xSs/jI72RGOMD6sWG8+78N:+ZcVfh0Ij7/Zg608v

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  67cf8c779974acf40ea1f7c8bdcbcdae
- Size
  
  28KB
- MD5
  
  67cf8c779974acf40ea1f7c8bdcbcdae
- SHA1
  
  729ec1e6947fe90ef98cd13ef997755b2b040355
- SHA256
  
  9e0f7769b06ecf03ba7db163afd3b4b59753c8cf184bf6818629b0ee95f7da12
- SHA512
  
  8a5d250ddcd40220b50943d213a18420147584bc66f2709a2bafcfa6fd56ce2b9b408a2b1ff3cb5b701781a782750be76af6b210ba6d217e8e49eb603a0f1ea9
- SSDEEP
  
  768:qlZcWo8ehlBwnZIj42xSs/jI72RGOMD6sWG8+78N:+ZcVfh0Ij7/Zg608v
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2