32db6bc6a5e6b85c3d7bf97d09e73f8ab355520eac45f6a9ffcc74755110e807 | Triage

Sharing

General

Target

ab5b454cc3b75f4728e57461f668fb31
Size

138KB
Sample

240228-jge9jsee52
MD5

ab5b454cc3b75f4728e57461f668fb31
SHA1

984a9643e711875ef53770055e47dfddbe8140af
SHA256

32db6bc6a5e6b85c3d7bf97d09e73f8ab355520eac45f6a9ffcc74755110e807
SHA512

3361f07cae34c759e1d5b9701bf0e7c66cdc42e74f05983fae7f4b956fe1e9d7b01619c4fe33fe7f2ef81b6174a2ab50c5866655e2eda67fd80bde2354302022
SSDEEP

3072:wPMZHNENEk24sHb8ydTfPkx4lvipg5e7y:wgHNyEcCfTXkxqDf

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ab5b454cc3b75f4728e57461f668fb31
- Size
  
  138KB
- MD5
  
  ab5b454cc3b75f4728e57461f668fb31
- SHA1
  
  984a9643e711875ef53770055e47dfddbe8140af
- SHA256
  
  32db6bc6a5e6b85c3d7bf97d09e73f8ab355520eac45f6a9ffcc74755110e807
- SHA512
  
  3361f07cae34c759e1d5b9701bf0e7c66cdc42e74f05983fae7f4b956fe1e9d7b01619c4fe33fe7f2ef81b6174a2ab50c5866655e2eda67fd80bde2354302022
- SSDEEP
  
  3072:wPMZHNENEk24sHb8ydTfPkx4lvipg5e7y:wgHNyEcCfTXkxqDf
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2