e38ed005ba68150ffe41232a97aaa1c93482eeb71aca125051883e559997f381 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79ed5197d319cab2ce952076a95047f1
Size

212KB
Sample

240127-lwhpbshge3
MD5

79ed5197d319cab2ce952076a95047f1
SHA1

580c1f92ba14e842b99cb1db2d35d31674af7737
SHA256

e38ed005ba68150ffe41232a97aaa1c93482eeb71aca125051883e559997f381
SHA512

1a2c9dd55b5141b1e1655c8f2cc2f3db0e7fc1afdedf095adb411e993ff7ab48c10bb33775cbcf4dd27203d51ac99f4a428624d2e55215caf7128def5940f0ac
SSDEEP

3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8AkgnYnpjBFy:o68i3odBiTl2+TCU/Wk88huhuY

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  79ed5197d319cab2ce952076a95047f1
- Size
  
  212KB
- MD5
  
  79ed5197d319cab2ce952076a95047f1
- SHA1
  
  580c1f92ba14e842b99cb1db2d35d31674af7737
- SHA256
  
  e38ed005ba68150ffe41232a97aaa1c93482eeb71aca125051883e559997f381
- SHA512
  
  1a2c9dd55b5141b1e1655c8f2cc2f3db0e7fc1afdedf095adb411e993ff7ab48c10bb33775cbcf4dd27203d51ac99f4a428624d2e55215caf7128def5940f0ac
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/e8AkgnYnpjBFy:o68i3odBiTl2+TCU/Wk88huhuY
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2