b9e2eb23a8734155a2258b2cb07a95e821559f31b5bbb11d36061221106b1abc | Triage

Sharing

General

Target

c13d4dae2fe94f888002450c704f0880N.exe
Size

1.8MB
Sample

240820-efe5yawcpm
MD5

c13d4dae2fe94f888002450c704f0880
SHA1

ac9d1292035d3da119f5f4da8245644bb111dc59
SHA256

b9e2eb23a8734155a2258b2cb07a95e821559f31b5bbb11d36061221106b1abc
SHA512

7fd78bcc1dc167434a697020b6cef55c10f0e890ea7b48507cf65748926c3cfdf4f2b461b2ee404cf31b8ae0287882f830854e8a67b2fd1ace792244a63274dd
SSDEEP

49152:zyKWunwk44XiIkbMGZgbAZPjvpshekmZWMnxAh/kGqA0Pab:zUIwlNInG+bAZPjOjeWQCduP

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c13d4dae2fe94f888002450c704f0880N.exe
- Size
  
  1.8MB
- MD5
  
  c13d4dae2fe94f888002450c704f0880
- SHA1
  
  ac9d1292035d3da119f5f4da8245644bb111dc59
- SHA256
  
  b9e2eb23a8734155a2258b2cb07a95e821559f31b5bbb11d36061221106b1abc
- SHA512
  
  7fd78bcc1dc167434a697020b6cef55c10f0e890ea7b48507cf65748926c3cfdf4f2b461b2ee404cf31b8ae0287882f830854e8a67b2fd1ace792244a63274dd
- SSDEEP
  
  49152:zyKWunwk44XiIkbMGZgbAZPjvpshekmZWMnxAh/kGqA0Pab:zUIwlNInG+bAZPjOjeWQCduP
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence