1c7f259d654755f0871d046349b8a35f0e22c2d695c635cb7081c418ad59ae12 | Triage

Sharing

General

Target

97b687df81504ed4ebb9b81c099652ef
Size

9KB
Sample

240212-1w6hqada5y
MD5

97b687df81504ed4ebb9b81c099652ef
SHA1

e585b3f604f499acb70e6554d73154a781d08c7d
SHA256

1c7f259d654755f0871d046349b8a35f0e22c2d695c635cb7081c418ad59ae12
SHA512

69eebc0e71780e677e5b56b0320f1b9d7f3c9af0f54d5c3365cd57abc223d44e8d404f10321b9fd956f9a6115da2e6472a56cb395541c04fd96822462271d9e9
SSDEEP

96:tpYYFudEknTkCEc8n51Mu/74rvzITkjSxLkzBBQCG8aJc7d4MHjxGb5KN:3ahn5G5MPXQCG8aJch4MDob5E

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  97b687df81504ed4ebb9b81c099652ef
- Size
  
  9KB
- MD5
  
  97b687df81504ed4ebb9b81c099652ef
- SHA1
  
  e585b3f604f499acb70e6554d73154a781d08c7d
- SHA256
  
  1c7f259d654755f0871d046349b8a35f0e22c2d695c635cb7081c418ad59ae12
- SHA512
  
  69eebc0e71780e677e5b56b0320f1b9d7f3c9af0f54d5c3365cd57abc223d44e8d404f10321b9fd956f9a6115da2e6472a56cb395541c04fd96822462271d9e9
- SSDEEP
  
  96:tpYYFudEknTkCEc8n51Mu/74rvzITkjSxLkzBBQCG8aJc7d4MHjxGb5KN:3ahn5G5MPXQCG8aJch4MDob5E
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2