b3b0b8a4c057ba39c4dd7b2525f490a3036a6869b6965801f1d195a10658bbcb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

752.exe
Size

170KB
Sample

240223-dj1qdaah92
MD5

a2563229515fbcc1f4a6fb1f10d8c7fd
SHA1

c0471dd4ef109b02e733aa5b631c4e5421b53fb4
SHA256

b3b0b8a4c057ba39c4dd7b2525f490a3036a6869b6965801f1d195a10658bbcb
SHA512

685685e230d5b853a4a6d5b82c8704b93f30f9e0d96f9690353fe6ddf725e8f4fd6f5a127c8b0dd14eb2bd1328747460633e6ae895ea387e6f707560264eff33
SSDEEP

3072:dahKyd2n31L5GWp1icKAArDZz4N9GhbkrNEk+5fJ3qa1E+Q:dahOTp0yN90QE4

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  752.exe
- Size
  
  170KB
- MD5
  
  a2563229515fbcc1f4a6fb1f10d8c7fd
- SHA1
  
  c0471dd4ef109b02e733aa5b631c4e5421b53fb4
- SHA256
  
  b3b0b8a4c057ba39c4dd7b2525f490a3036a6869b6965801f1d195a10658bbcb
- SHA512
  
  685685e230d5b853a4a6d5b82c8704b93f30f9e0d96f9690353fe6ddf725e8f4fd6f5a127c8b0dd14eb2bd1328747460633e6ae895ea387e6f707560264eff33
- SSDEEP
  
  3072:dahKyd2n31L5GWp1icKAArDZz4N9GhbkrNEk+5fJ3qa1E+Q:dahOTp0yN90QE4
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1