51922b5f018170babf30c0e01b0e2a043648b1b5d2b12990e357960403d0814b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51922b5f018170babf30c0e01b0e2a043648b1b5d2b12990e357960403d0814b
Size

503KB
Sample

240307-ymnkfacd79
MD5

45bfa3ad5b5056884da72df1c04b5381
SHA1

225e40d62512ec6f523b16a107b783dab8757f31
SHA256

51922b5f018170babf30c0e01b0e2a043648b1b5d2b12990e357960403d0814b
SHA512

794c4b4f64499804c529359f3ff331b18ca1c66f82b59650e1e23ac4c294dbec0e24c004650067c8a512bb041d79bc83a8d02ab1c8eebc24137a53738fc4ad07
SSDEEP

6144:WZT3H5umWrA7oSLvd5Gr83KS1PCG0LcMFM/2dsc0YQ9X43US93tMxQSkNMau91YD:Wh3ZukLF5fRY5a/6GX4D97uLHHyhbeVo

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  51922b5f018170babf30c0e01b0e2a043648b1b5d2b12990e357960403d0814b
- Size
  
  503KB
- MD5
  
  45bfa3ad5b5056884da72df1c04b5381
- SHA1
  
  225e40d62512ec6f523b16a107b783dab8757f31
- SHA256
  
  51922b5f018170babf30c0e01b0e2a043648b1b5d2b12990e357960403d0814b
- SHA512
  
  794c4b4f64499804c529359f3ff331b18ca1c66f82b59650e1e23ac4c294dbec0e24c004650067c8a512bb041d79bc83a8d02ab1c8eebc24137a53738fc4ad07
- SSDEEP
  
  6144:WZT3H5umWrA7oSLvd5Gr83KS1PCG0LcMFM/2dsc0YQ9X43US93tMxQSkNMau91YD:Wh3ZukLF5fRY5a/6GX4D97uLHHyhbeVo
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2