16a7bce3ccbf06b59a0cd808d5e4ca3e3578c904971e168a9d1980b17b005ab2 | Triage

Resubmissions

20/06/2024, 11:25

240620-njgbvayfrp 7

Sharing

General

Target

FivemScanersV2.exe
Size

154KB
Sample

240620-njgbvayfrp
MD5

832aa32c85f47dc5502e96a5a9f73fc1
SHA1

95123b4d4c1e01ba16713a54d78a8a2285e127b4
SHA256

16a7bce3ccbf06b59a0cd808d5e4ca3e3578c904971e168a9d1980b17b005ab2
SHA512

9368c676c3bd2caf22205d14cba42cc01f0bf5003d95e280cd4006da93f68b6cf5ae2d8d33b40929c92490a1d8166c60972a11bb33af87518b095f9f712f7adc
SSDEEP

3072:eahKyd2n31N5GWp1icKAArDZz4N9GhbkrNEk1wT:eahOxp0yN90QEj

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  FivemScanersV2.exe
- Size
  
  154KB
- MD5
  
  832aa32c85f47dc5502e96a5a9f73fc1
- SHA1
  
  95123b4d4c1e01ba16713a54d78a8a2285e127b4
- SHA256
  
  16a7bce3ccbf06b59a0cd808d5e4ca3e3578c904971e168a9d1980b17b005ab2
- SHA512
  
  9368c676c3bd2caf22205d14cba42cc01f0bf5003d95e280cd4006da93f68b6cf5ae2d8d33b40929c92490a1d8166c60972a11bb33af87518b095f9f712f7adc
- SSDEEP
  
  3072:eahKyd2n31N5GWp1icKAArDZz4N9GhbkrNEk1wT:eahOxp0yN90QEj
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1