e9410050f04433aea6b0c730027866be9fe0d8f456829e679887c57d6c3d4497 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c54cadf9e77f775d25796b879e68d631
Size

1.6MB
Sample

240313-h5b2csff6y
MD5

c54cadf9e77f775d25796b879e68d631
SHA1

6cf007c23f10aa4d395a50834f8d6a9f3d4ac4b9
SHA256

e9410050f04433aea6b0c730027866be9fe0d8f456829e679887c57d6c3d4497
SHA512

7274b3a708340b1dc204b0281151b21d24ad9756a3042f55f2b7448c2670cfb2bc83992cbf3e0099d8df39d22768f630f36a78e1b54ac9889878af5407714987
SSDEEP

24576:RJG4cvS2EVTtcBlMWqgj0N5ENHyruqOQDu3ziUc1lOAPmP9wLEXhGPVh7+4oSe:RJdcyVjWqX5juvzT6LeGPVNtX

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c54cadf9e77f775d25796b879e68d631
- Size
  
  1.6MB
- MD5
  
  c54cadf9e77f775d25796b879e68d631
- SHA1
  
  6cf007c23f10aa4d395a50834f8d6a9f3d4ac4b9
- SHA256
  
  e9410050f04433aea6b0c730027866be9fe0d8f456829e679887c57d6c3d4497
- SHA512
  
  7274b3a708340b1dc204b0281151b21d24ad9756a3042f55f2b7448c2670cfb2bc83992cbf3e0099d8df39d22768f630f36a78e1b54ac9889878af5407714987
- SSDEEP
  
  24576:RJG4cvS2EVTtcBlMWqgj0N5ENHyruqOQDu3ziUc1lOAPmP9wLEXhGPVh7+4oSe:RJdcyVjWqX5juvzT6LeGPVNtX
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2