60a7254518fcb5b5f5707507bb1b0054dae3ea28eb9d311d83049d315e199ba4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f4a490dc751613082e3a9e32592ab78
Size

43KB
Sample

240204-qy5dbsdccn
MD5

8f4a490dc751613082e3a9e32592ab78
SHA1

61f6e68840fe57c9b2bed376a8a5a132ede0bbf6
SHA256

60a7254518fcb5b5f5707507bb1b0054dae3ea28eb9d311d83049d315e199ba4
SHA512

7928a0a4d92a74af65ead7cef3a0bfef3e2afe8fd7952ea93a186bdf55ffae153af4c2263909c45aa03bd16574f895ab546f9e5fa0e726d95471305e8c350aa7
SSDEEP

768:AsFRB0RRdJ2CyILFzIDvXF9BidETc86ndvn6vgmITABLh85DaPpInp6i659Cg:AyCyILZ0vXFBb6dyvjsBVEi6X

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  8f4a490dc751613082e3a9e32592ab78
- Size
  
  43KB
- MD5
  
  8f4a490dc751613082e3a9e32592ab78
- SHA1
  
  61f6e68840fe57c9b2bed376a8a5a132ede0bbf6
- SHA256
  
  60a7254518fcb5b5f5707507bb1b0054dae3ea28eb9d311d83049d315e199ba4
- SHA512
  
  7928a0a4d92a74af65ead7cef3a0bfef3e2afe8fd7952ea93a186bdf55ffae153af4c2263909c45aa03bd16574f895ab546f9e5fa0e726d95471305e8c350aa7
- SSDEEP
  
  768:AsFRB0RRdJ2CyILFzIDvXF9BidETc86ndvn6vgmITABLh85DaPpInp6i659Cg:AyCyILZ0vXFBb6dyvjsBVEi6X
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2