d46896a61b939a1dc97f6ec994463f6792ac35dc96c127a11fc8c1550a9b0bbd | Triage

Sharing

General

Target

c7b2759c599ed4c14b5e3f3bc02b93d0N.exe
Size

116KB
Sample

240829-ae2v4avhkn
MD5

c7b2759c599ed4c14b5e3f3bc02b93d0
SHA1

bdf53006a54b8f44f50143fe2129ccabfaca4292
SHA256

d46896a61b939a1dc97f6ec994463f6792ac35dc96c127a11fc8c1550a9b0bbd
SHA512

ce0b9fe4bd0985240b0a004d2ca561ce6522d279a29f03bb96d834a8df5b840004f5f1844264d557dcdc8d0b740b85699157c998cbd6a9168c20470f6c150d60
SSDEEP

768:t6eHIMgPRVUUC151Npquv3RnFKE7pGnbcuyD7UTTE:tFo5U5bLpXRkPnouy8k

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  c7b2759c599ed4c14b5e3f3bc02b93d0N.exe
- Size
  
  116KB
- MD5
  
  c7b2759c599ed4c14b5e3f3bc02b93d0
- SHA1
  
  bdf53006a54b8f44f50143fe2129ccabfaca4292
- SHA256
  
  d46896a61b939a1dc97f6ec994463f6792ac35dc96c127a11fc8c1550a9b0bbd
- SHA512
  
  ce0b9fe4bd0985240b0a004d2ca561ce6522d279a29f03bb96d834a8df5b840004f5f1844264d557dcdc8d0b740b85699157c998cbd6a9168c20470f6c150d60
- SSDEEP
  
  768:t6eHIMgPRVUUC151Npquv3RnFKE7pGnbcuyD7UTTE:tFo5U5bLpXRkPnouy8k
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence