e391a273780f31a933ffba2a368761e9a162ce594b110f95a83bde93c4fed3c5 | Triage

Sharing

General

Target

ba12e12966e55d627959902ae4fc3232
Size

10KB
Sample

240308-ayr51abe2v
MD5

ba12e12966e55d627959902ae4fc3232
SHA1

e43fefef57be33bd870eb9791259e23adb07c4b4
SHA256

e391a273780f31a933ffba2a368761e9a162ce594b110f95a83bde93c4fed3c5
SHA512

9018f8abd8a0ade91badef23aa312fec49e215b1838471886a6f0080bdb3e9beb169966edac11cece364d3fe017504e9d8a87ccb33b31614dc43228c5c10c00b
SSDEEP

192:wZXrJI5mXH8WAbnjUXAimlA1Jadvru7fpz3Nu:o1I5GH8dbnjwA/z8xDA

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  ba12e12966e55d627959902ae4fc3232
- Size
  
  10KB
- MD5
  
  ba12e12966e55d627959902ae4fc3232
- SHA1
  
  e43fefef57be33bd870eb9791259e23adb07c4b4
- SHA256
  
  e391a273780f31a933ffba2a368761e9a162ce594b110f95a83bde93c4fed3c5
- SHA512
  
  9018f8abd8a0ade91badef23aa312fec49e215b1838471886a6f0080bdb3e9beb169966edac11cece364d3fe017504e9d8a87ccb33b31614dc43228c5c10c00b
- SSDEEP
  
  192:wZXrJI5mXH8WAbnjUXAimlA1Jadvru7fpz3Nu:o1I5GH8dbnjwA/z8xDA
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2