827544cad56df6277693509adbbcb6eb2339b3f76b4688fc62531c07a8405bd9 | Triage

Sharing

General

Target

b469f567818d7294d1191a102316892b
Size

102KB
Sample

240305-lyny5aca6z
MD5

b469f567818d7294d1191a102316892b
SHA1

e78c11722f819ee8090c6a0974a46f631cbf1d78
SHA256

827544cad56df6277693509adbbcb6eb2339b3f76b4688fc62531c07a8405bd9
SHA512

4417399a329711d57d24b6bca89a4e55ec883ca6ed7f820bae8851277ee3bd15f4b6bb2d98841ecd821d93b67cd006dfb78683e9b28acf73047750b564032178
SSDEEP

1536:I2j6CR+D5e/otjAYOhHNN0W5qtKP6RykZ7XrvePQfDOyPhvhEL5:IQ+DM/otjArhHNN75dO97XrvnfDh85

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  b469f567818d7294d1191a102316892b
- Size
  
  102KB
- MD5
  
  b469f567818d7294d1191a102316892b
- SHA1
  
  e78c11722f819ee8090c6a0974a46f631cbf1d78
- SHA256
  
  827544cad56df6277693509adbbcb6eb2339b3f76b4688fc62531c07a8405bd9
- SHA512
  
  4417399a329711d57d24b6bca89a4e55ec883ca6ed7f820bae8851277ee3bd15f4b6bb2d98841ecd821d93b67cd006dfb78683e9b28acf73047750b564032178
- SSDEEP
  
  1536:I2j6CR+D5e/otjAYOhHNN0W5qtKP6RykZ7XrvePQfDOyPhvhEL5:IQ+DM/otjArhHNN75dO97XrvnfDh85
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2