7c63edc82b87870467fbd31439ef2da3d9537e5b5b7615f8a131742ecdfa7c57 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf304c611ce17e42ce2ae9c7f4489235
Size

892KB
Sample

240310-21nzxade73
MD5

bf304c611ce17e42ce2ae9c7f4489235
SHA1

34e52a15d43a93629bfb15251093e1183a2872cd
SHA256

7c63edc82b87870467fbd31439ef2da3d9537e5b5b7615f8a131742ecdfa7c57
SHA512

e4aaa6a1275252234930938fd63bf2c68f47fb58a6a6ae2d9d4813d968a0670c438046de2d42d266f7a5b1a87109587ef88204ade137de6162bb7d855d8bd4e7
SSDEEP

24576:NrBH1xsRe2vZUtKy/X+gg4hmmM1R4wWHSy4u7I:5BmnmhDgyWMnyy4us

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  bf304c611ce17e42ce2ae9c7f4489235
- Size
  
  892KB
- MD5
  
  bf304c611ce17e42ce2ae9c7f4489235
- SHA1
  
  34e52a15d43a93629bfb15251093e1183a2872cd
- SHA256
  
  7c63edc82b87870467fbd31439ef2da3d9537e5b5b7615f8a131742ecdfa7c57
- SHA512
  
  e4aaa6a1275252234930938fd63bf2c68f47fb58a6a6ae2d9d4813d968a0670c438046de2d42d266f7a5b1a87109587ef88204ade137de6162bb7d855d8bd4e7
- SSDEEP
  
  24576:NrBH1xsRe2vZUtKy/X+gg4hmmM1R4wWHSy4u7I:5BmnmhDgyWMnyy4us
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2