72ae9625e3c7b865e3b047d7a822207432e91b56c03fab7f571e59ebe32b6bce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

108f254a1d510f0b02b14aa2ed49b11b.zip
Size

121KB
Sample

240901-1egs2ashng
MD5

b5ab986f9a2740e737147197b7bed980
SHA1

5b0b7a1110a409bb0c6cf4f2f7690611b49be29c
SHA256

72ae9625e3c7b865e3b047d7a822207432e91b56c03fab7f571e59ebe32b6bce
SHA512

ea4a700a3a9e01e3cf91d49be7907f14cbfd220e8fbac223ef0b5cc14872b83a8ccf3b668fff30ad3391af5fd7c220d7652c61a8b6fd95c26b8e9fa5b438f137
SSDEEP

3072:JeYb+RlLqmYPT1oq0ZlR/sSEy2w/DX0HFBTb0kdOWyBAzaLnD6c:JiYiBpESb2mX6bbbBi06x

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  4f7a51cf2ffd45aaa0129fe130037c5335e05e5f843ec4d14991152870560360
- Size
  
  228KB
- MD5
  
  108f254a1d510f0b02b14aa2ed49b11b
- SHA1
  
  6725bcbb87c74511f17ad0f5b349cff2f2df6d84
- SHA256
  
  4f7a51cf2ffd45aaa0129fe130037c5335e05e5f843ec4d14991152870560360
- SHA512
  
  0fb16386cab3cc6b401f3f17e3d3400474a5d93025c2aa673ff445ce0993f496a29779bd8abfc63de97218e48172db94089400eb2e94c07dad7ef4dbcb54a9b2
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/B86kgnYHfQlAD:o68i3odBiTl2+TCU/3k8KfQlEeC
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence