f86021095d9a1b942fc8fd7e2bca765d8a48a14e3aaa44a144859cdf5ff1832e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3dce33574d29cdc969c9395eaca9043
Size

3.2MB
Sample

240318-sydaysca34
MD5

d3dce33574d29cdc969c9395eaca9043
SHA1

f60eba379bd0e14eda7cc40237d5966102b65cce
SHA256

f86021095d9a1b942fc8fd7e2bca765d8a48a14e3aaa44a144859cdf5ff1832e
SHA512

07107c139d1baabb5b248c0daf6f6d8287f95432176e169bb8931218e925dd35594f4962e4a3e868af24c42657df2edb86f77daf367d29b8e8d22f3d5b104ec6
SSDEEP

49152:6e0mfW3YNPRRlG4saIprQNdUyNJ+TBGxZykI9vA6qX9B9RElKBG1f:ESWINPRRlG4saIpu3N44WEXP9RElKc

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  d3dce33574d29cdc969c9395eaca9043
- Size
  
  3.2MB
- MD5
  
  d3dce33574d29cdc969c9395eaca9043
- SHA1
  
  f60eba379bd0e14eda7cc40237d5966102b65cce
- SHA256
  
  f86021095d9a1b942fc8fd7e2bca765d8a48a14e3aaa44a144859cdf5ff1832e
- SHA512
  
  07107c139d1baabb5b248c0daf6f6d8287f95432176e169bb8931218e925dd35594f4962e4a3e868af24c42657df2edb86f77daf367d29b8e8d22f3d5b104ec6
- SSDEEP
  
  49152:6e0mfW3YNPRRlG4saIprQNdUyNJ+TBGxZykI9vA6qX9B9RElKBG1f:ESWINPRRlG4saIpu3N44WEXP9RElKc
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2