9a5139eeb50a93ae805809b587df06f59aed80002fa74a17ff427320fbd2f2e3 | Triage

Sharing

General

Target

cd2281116d8ca61ab7cb1e301b5b580e
Size

16KB
Sample

240316-fbtyzacb91
MD5

cd2281116d8ca61ab7cb1e301b5b580e
SHA1

1dbe84cbb499dac29d619b7e4b283515cb0900a6
SHA256

9a5139eeb50a93ae805809b587df06f59aed80002fa74a17ff427320fbd2f2e3
SHA512

e87d79648cd92e9adbc3bbd14ddf51c1b3cac9b82567477ff787ebdd3c60a7bd8a95d425cd6c1c400bf2af74f26670bd099543bfcc8f4fa07fa5aba759e3e0d0
SSDEEP

192:f8B1Mhzv1Z8F274/JQtCBdH0dHRdHwdHPH1SdHK18G+j5P:fQ1Yv1Z8jxQtCBqrmuw+B

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  cd2281116d8ca61ab7cb1e301b5b580e
- Size
  
  16KB
- MD5
  
  cd2281116d8ca61ab7cb1e301b5b580e
- SHA1
  
  1dbe84cbb499dac29d619b7e4b283515cb0900a6
- SHA256
  
  9a5139eeb50a93ae805809b587df06f59aed80002fa74a17ff427320fbd2f2e3
- SHA512
  
  e87d79648cd92e9adbc3bbd14ddf51c1b3cac9b82567477ff787ebdd3c60a7bd8a95d425cd6c1c400bf2af74f26670bd099543bfcc8f4fa07fa5aba759e3e0d0
- SSDEEP
  
  192:f8B1Mhzv1Z8F274/JQtCBdH0dHRdHwdHPH1SdHK18G+j5P:fQ1Yv1Z8jxQtCBqrmuw+B
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2