05c04299802d53dba524903ccbeb1e563d72610d57ad286cf1990baef77c46cd | Triage

Sharing

General

Target

New Client.exe
Size

247KB
Sample

240705-r2mhcssfnb
MD5

24fe6477c75de18c4a1b150b7d9c9bc4
SHA1

c4340b3addec930770730a156e796f8a0e9c8e4e
SHA256

05c04299802d53dba524903ccbeb1e563d72610d57ad286cf1990baef77c46cd
SHA512

cde8ea61e88177d9e95d85701f7f4b9e2e68328f283d995f59ec8232aeed1367db622cdbf8f40b7fe9c45c983bbc3feb37886a9d9ca97fac1026716aaa7e2cd4
SSDEEP

6144:mkh03Q7Ges3PJ13N5AD/7oLfLI1mw9vKKIrv6YYF2L:103QWx1yO9L6YYFy

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  New Client.exe
- Size
  
  247KB
- MD5
  
  24fe6477c75de18c4a1b150b7d9c9bc4
- SHA1
  
  c4340b3addec930770730a156e796f8a0e9c8e4e
- SHA256
  
  05c04299802d53dba524903ccbeb1e563d72610d57ad286cf1990baef77c46cd
- SHA512
  
  cde8ea61e88177d9e95d85701f7f4b9e2e68328f283d995f59ec8232aeed1367db622cdbf8f40b7fe9c45c983bbc3feb37886a9d9ca97fac1026716aaa7e2cd4
- SSDEEP
  
  6144:mkh03Q7Ges3PJ13N5AD/7oLfLI1mw9vKKIrv6YYF2L:103QWx1yO9L6YYFy
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2