7c1b3e99675f89debef78ba78d7a8547e4fc09b36fb293f5634b69350f010b1a | Triage

Sharing

General

Target

7c1b3e99675f89debef78ba78d7a8547e4fc09b36fb293f5634b69350f010b1a
Size

2.0MB
Sample

240326-1fmqnsfh7t
MD5

f9cdffbdc3fab0859dc096e4cdba5d94
SHA1

f7bdd11ab341766f00261860e3f2d67c46fa9dc8
SHA256

7c1b3e99675f89debef78ba78d7a8547e4fc09b36fb293f5634b69350f010b1a
SHA512

0e61abacb6ba05aac04c55f0838590ef8ac8aaf017c077161e68b791dd64382afdb548b0215ba0502eb3ab3953dbda4d0649634987c8ea449aca029630b837f3
SSDEEP

24576:aLILY8Xu/3y8UsG2BgYLicwnklCHdebUKyZURQ1TgjTs:tYrC8UsGuTwkCHdeQKyZURQ1EjTs

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  7c1b3e99675f89debef78ba78d7a8547e4fc09b36fb293f5634b69350f010b1a
- Size
  
  2.0MB
- MD5
  
  f9cdffbdc3fab0859dc096e4cdba5d94
- SHA1
  
  f7bdd11ab341766f00261860e3f2d67c46fa9dc8
- SHA256
  
  7c1b3e99675f89debef78ba78d7a8547e4fc09b36fb293f5634b69350f010b1a
- SHA512
  
  0e61abacb6ba05aac04c55f0838590ef8ac8aaf017c077161e68b791dd64382afdb548b0215ba0502eb3ab3953dbda4d0649634987c8ea449aca029630b837f3
- SSDEEP
  
  24576:aLILY8Xu/3y8UsG2BgYLicwnklCHdebUKyZURQ1TgjTs:tYrC8UsGuTwkCHdeQKyZURQ1EjTs
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2