c82c4021c4fa289e01c025783c2a31ce49fe4560b5aeafb618fde44a6ceadac4 | Triage

Sharing

General

Target

1030d9c9d2bbf96912d541e865005fba.exe
Size

267KB
Sample

240614-3hqapa1aqa
MD5

1030d9c9d2bbf96912d541e865005fba
SHA1

c2dc4f8f12bd79c684bb0487d2ce0878bd0ae9d0
SHA256

c82c4021c4fa289e01c025783c2a31ce49fe4560b5aeafb618fde44a6ceadac4
SHA512

1496244d7b5c7f393e9374766b57780400ad89be256901b2ab4c6a3f874be0d9361ab97a53f02977770884153514a1f35a2509722658fdc4d6e2b82626eca918
SSDEEP

6144:jmLhbX4BsrJ24439vu0oygg7Iva6u8Sy+bS59nVne:jKX1JB439vnoM76T59nVn

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1030d9c9d2bbf96912d541e865005fba.exe
- Size
  
  267KB
- MD5
  
  1030d9c9d2bbf96912d541e865005fba
- SHA1
  
  c2dc4f8f12bd79c684bb0487d2ce0878bd0ae9d0
- SHA256
  
  c82c4021c4fa289e01c025783c2a31ce49fe4560b5aeafb618fde44a6ceadac4
- SHA512
  
  1496244d7b5c7f393e9374766b57780400ad89be256901b2ab4c6a3f874be0d9361ab97a53f02977770884153514a1f35a2509722658fdc4d6e2b82626eca918
- SSDEEP
  
  6144:jmLhbX4BsrJ24439vu0oygg7Iva6u8Sy+bS59nVne:jKX1JB439vnoM76T59nVn
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2