0402f68fac0aeccff34ecd121d0ca07b876e04db127314395cba77ddb8111a0c | Triage

Sharing

General

Target

7c8890a5a454fc14dff585df18592b38
Size

32KB
Sample

240128-jgblcsfhhn
MD5

7c8890a5a454fc14dff585df18592b38
SHA1

1d5965ff5d9bc1cf0696c94bb107a57d4cc9243a
SHA256

0402f68fac0aeccff34ecd121d0ca07b876e04db127314395cba77ddb8111a0c
SHA512

3a25c03eaac44074b81ef22d5627b0f463ac652492a9964479941358c3ca387a6c3d48361706562b31e2679062df1fa07d2ed63a4cabee689ba62743844514cf
SSDEEP

384:ayYWS0SzmwevmUsCOQAcKhE8BNvyIBDi4NN149nWaYg3CoKPWfmssAS7KL1:wxQb9T9nWC/+RHG

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7c8890a5a454fc14dff585df18592b38
- Size
  
  32KB
- MD5
  
  7c8890a5a454fc14dff585df18592b38
- SHA1
  
  1d5965ff5d9bc1cf0696c94bb107a57d4cc9243a
- SHA256
  
  0402f68fac0aeccff34ecd121d0ca07b876e04db127314395cba77ddb8111a0c
- SHA512
  
  3a25c03eaac44074b81ef22d5627b0f463ac652492a9964479941358c3ca387a6c3d48361706562b31e2679062df1fa07d2ed63a4cabee689ba62743844514cf
- SSDEEP
  
  384:ayYWS0SzmwevmUsCOQAcKhE8BNvyIBDi4NN149nWaYg3CoKPWfmssAS7KL1:wxQb9T9nWC/+RHG
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2