fae87cec6c3e3a28957417c17052e7577e47991445f17889dfea4abc25a9ad85 | Triage

Sharing

General

Target

zip bomb compiled into exe.exe
Size

245KB
Sample

240719-3wqhlszflc
MD5

db6d6b6da56c818ccf3c48a085cbfbbb
SHA1

490cf219a6ef08bb1613303508ae4f2f0290cdc7
SHA256

fae87cec6c3e3a28957417c17052e7577e47991445f17889dfea4abc25a9ad85
SHA512

3f1f583535bd97c8a0694d566fc067000e7022b4db6609840175c30c01715f7c0ccafb34ef7bc6d480f1659bff015f0bdd278b5af3ada0c2574aec18928e1ee7
SSDEEP

3072:KahKyd2n3195GWp1icKAArDZz4N9GhbkrNEk1zNjt6AHCnkcyonv3PtJRsYxAvmO:KahOpp0yN90QEQjtlCbPNsYOviA

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  zip bomb compiled into exe.exe
- Size
  
  245KB
- MD5
  
  db6d6b6da56c818ccf3c48a085cbfbbb
- SHA1
  
  490cf219a6ef08bb1613303508ae4f2f0290cdc7
- SHA256
  
  fae87cec6c3e3a28957417c17052e7577e47991445f17889dfea4abc25a9ad85
- SHA512
  
  3f1f583535bd97c8a0694d566fc067000e7022b4db6609840175c30c01715f7c0ccafb34ef7bc6d480f1659bff015f0bdd278b5af3ada0c2574aec18928e1ee7
- SSDEEP
  
  3072:KahKyd2n3195GWp1icKAArDZz4N9GhbkrNEk1zNjt6AHCnkcyonv3PtJRsYxAvmO:KahOpp0yN90QEQjtlCbPNsYOviA
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1