947a92cc1edffd7462dc2cd99f51392a5e8122b372a65030bd57c33c06ff956b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

947a92cc1edffd7462dc2cd99f51392a5e8122b372a65030bd57c33c06ff956b
Size

44KB
Sample

240513-3z6zrsah4w
MD5

038038ae7470c581cea31ceb9be0ebaf
SHA1

3d0e0011cf238657e8b0681537ff59edc2ae6647
SHA256

947a92cc1edffd7462dc2cd99f51392a5e8122b372a65030bd57c33c06ff956b
SHA512

355d638ac0d4570dcdf26230ad2778ff8b095b384d846dfba03561f53295b0b647dafe17b167db48ef384e4c38308160527570a89542226ce8129e61533cf480
SSDEEP

768:MlH9AdIGjGizA6PAEc9pvu9JwM/3ed/iTAi90G7nobXdv1Ez:MlH9cj9w7vu9JwI3eRiMiz7nobtvCz

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  947a92cc1edffd7462dc2cd99f51392a5e8122b372a65030bd57c33c06ff956b
- Size
  
  44KB
- MD5
  
  038038ae7470c581cea31ceb9be0ebaf
- SHA1
  
  3d0e0011cf238657e8b0681537ff59edc2ae6647
- SHA256
  
  947a92cc1edffd7462dc2cd99f51392a5e8122b372a65030bd57c33c06ff956b
- SHA512
  
  355d638ac0d4570dcdf26230ad2778ff8b095b384d846dfba03561f53295b0b647dafe17b167db48ef384e4c38308160527570a89542226ce8129e61533cf480
- SSDEEP
  
  768:MlH9AdIGjGizA6PAEc9pvu9JwM/3ed/iTAi90G7nobXdv1Ez:MlH9cj9w7vu9JwI3eRiMiz7nobtvCz
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2