c7b69a2c91d48c3827135e8813ab3c89abab510d4fd4b41f05f3a75b9dde7793 | Triage

Sharing

General

Target

c7b69a2c91d48c3827135e8813ab3c89abab510d4fd4b41f05f3a75b9dde7793
Size

16KB
Sample

240616-cwb24szbqm
MD5

9a86768170c53874ef6471bf85dab0f0
SHA1

df9d39e4211c983a10df70ec62d972ffb7e10ea4
SHA256

c7b69a2c91d48c3827135e8813ab3c89abab510d4fd4b41f05f3a75b9dde7793
SHA512

68da5eeeb1a7b11e87ee46949c3fae52eee394d84ae076ad3da61f5d84ab5324e0771c5a4f634904737c45d583d36097d85b8b41c2717ffc17b98789370ee9af
SSDEEP

192:GQOqjRFGKMh9ED/IDExeorm9+Dfp0GjW5sH2t3AIjvYabHa5tGrn:vdR8iQLoFx1jW5sIjvYR5tGr

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c7b69a2c91d48c3827135e8813ab3c89abab510d4fd4b41f05f3a75b9dde7793
- Size
  
  16KB
- MD5
  
  9a86768170c53874ef6471bf85dab0f0
- SHA1
  
  df9d39e4211c983a10df70ec62d972ffb7e10ea4
- SHA256
  
  c7b69a2c91d48c3827135e8813ab3c89abab510d4fd4b41f05f3a75b9dde7793
- SHA512
  
  68da5eeeb1a7b11e87ee46949c3fae52eee394d84ae076ad3da61f5d84ab5324e0771c5a4f634904737c45d583d36097d85b8b41c2717ffc17b98789370ee9af
- SSDEEP
  
  192:GQOqjRFGKMh9ED/IDExeorm9+Dfp0GjW5sH2t3AIjvYabHa5tGrn:vdR8iQLoFx1jW5sIjvYR5tGr
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2