7eee944a5319a78072ce6ae2f76b5581a0e10abd8656002827eb247dbcfe9e5d | Triage

Sharing

General

Target

c7852339c20c297a02691e6b16cb69c7
Size

152KB
Sample

240314-dkbgwahb4s
MD5

c7852339c20c297a02691e6b16cb69c7
SHA1

a04bc6ca673f8cc43ff5802ec1f158e4bb1fae62
SHA256

7eee944a5319a78072ce6ae2f76b5581a0e10abd8656002827eb247dbcfe9e5d
SHA512

7f4cca5f39918818da5443bebb61dbc73266e7130ab748e5c0e467299ea080d88d28709b88129cc723376e05aed533c9d0ca709a8b22fec8a50d7047d6fa1fde
SSDEEP

3072:Xr30nVYoE4weBRoIt/BJg2icxOrBa5XJX9JndT5ql:b4nBDt/BJRic4rgpJXvnd

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  c7852339c20c297a02691e6b16cb69c7
- Size
  
  152KB
- MD5
  
  c7852339c20c297a02691e6b16cb69c7
- SHA1
  
  a04bc6ca673f8cc43ff5802ec1f158e4bb1fae62
- SHA256
  
  7eee944a5319a78072ce6ae2f76b5581a0e10abd8656002827eb247dbcfe9e5d
- SHA512
  
  7f4cca5f39918818da5443bebb61dbc73266e7130ab748e5c0e467299ea080d88d28709b88129cc723376e05aed533c9d0ca709a8b22fec8a50d7047d6fa1fde
- SSDEEP
  
  3072:Xr30nVYoE4weBRoIt/BJg2icxOrBa5XJX9JndT5ql:b4nBDt/BJRic4rgpJXvnd
Score

8^/10

persistence
- Modifies AppInit DLL entries
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2