85a4ae6e0e4e38366450e9491e1d396d20f92223c55f301763b8c523eb6c7505 | Triage

Sharing

General

Target

unicorn.exe
Size

117KB
Sample

240625-27slnssbpr
MD5

cc779497e37ad0423537cc85a11da772
SHA1

eaca4572c109823bf9948f3b6457aac24da48e67
SHA256

85a4ae6e0e4e38366450e9491e1d396d20f92223c55f301763b8c523eb6c7505
SHA512

74214ef64ed2b7cedaf0e420dbcbc4732c8d36381031f650149256790fa044ba6a19b462cbc46feb30b1c874d7891a54894e218a781e0bfc29bf9812ac95f76c
SSDEEP

3072:+M7SS6Z1zmV87v94X9ZTNnduS3ScYkzZwY:wZpmO7v2tZTNnd8kzZw

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  unicorn.exe
- Size
  
  117KB
- MD5
  
  cc779497e37ad0423537cc85a11da772
- SHA1
  
  eaca4572c109823bf9948f3b6457aac24da48e67
- SHA256
  
  85a4ae6e0e4e38366450e9491e1d396d20f92223c55f301763b8c523eb6c7505
- SHA512
  
  74214ef64ed2b7cedaf0e420dbcbc4732c8d36381031f650149256790fa044ba6a19b462cbc46feb30b1c874d7891a54894e218a781e0bfc29bf9812ac95f76c
- SSDEEP
  
  3072:+M7SS6Z1zmV87v94X9ZTNnduS3ScYkzZwY:wZpmO7v2tZTNnd8kzZw
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2