302ef42805dfc9c42acbe0b4ae83526ebcfe7e86b9858d03e80a1eabfa416999 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73a5737c32879d598ce724d7d56852dd.bin
Size

6.5MB
Sample

240822-bvcftavfkp
MD5

90df8cb36a5215c4039851867f013f57
SHA1

430beb88714c186987e2d9b018fc21645e1110a7
SHA256

302ef42805dfc9c42acbe0b4ae83526ebcfe7e86b9858d03e80a1eabfa416999
SHA512

6f85d7b2a9c493b5c880f7945266712b6e7f362a328c44941788d41ad88c7076ea57a7f3246ba336d1a04cc8d27637d5302656094f37da7ad90c3b4188fda8b7
SSDEEP

98304:iD2L1zIdtYE7fl84vrfrFPU4qZPvacolaLBlsB/GbDoJ837P3Zgg:O2pGH7fNfFc4qZ3a5laL6OPG8LPGg

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  12541970a0c7bca13fcb517b7fbceee200c475dc15d4d2d803c1491da77ec495.exe
- Size
  
  6.6MB
- MD5
  
  73a5737c32879d598ce724d7d56852dd
- SHA1
  
  c7a89c92011b53aeac4510233998937e4431c5e2
- SHA256
  
  12541970a0c7bca13fcb517b7fbceee200c475dc15d4d2d803c1491da77ec495
- SHA512
  
  ad09b65fbb32ea02d499b43645a63b9d25138710770da47cce1803289b417954a5fc4973b7812c10356e8f9f4cc2e627bfe81884f4400833511f211186af35b4
- SSDEEP
  
  196608:LzU3OpDzbXdJcy3O8pyfITXmJAUDG17CC:3U3Szd+cO87TBuG17CC
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence