79a0c053eb1b1ebbf36faf5a6464a3e20ad9dd36c317212a9ff7c4ae8de08224 | Triage

Sharing

General

Target

c72839924b296de9d93bf0d0f0b0ae90N.exe
Size

68KB
Sample

240901-q13brasckr
MD5

c72839924b296de9d93bf0d0f0b0ae90
SHA1

4d89a886b6edd2d6d8cf0f3c9252d40fda5d4f11
SHA256

79a0c053eb1b1ebbf36faf5a6464a3e20ad9dd36c317212a9ff7c4ae8de08224
SHA512

ffab585da975174372dd537a03436b4a01abef81b1a16a5dbfc04383694859c05a75658e6cd61c734b1ad4751a744f645af5d21a76989dcdc9fc60886d23e003
SSDEEP

1536:Htq94hUwA6CTC7ckEtCJTmHH5jXHdQ/JoUJsV44cpU:xS6CGAkESQ5jHdQBJs

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  c72839924b296de9d93bf0d0f0b0ae90N.exe
- Size
  
  68KB
- MD5
  
  c72839924b296de9d93bf0d0f0b0ae90
- SHA1
  
  4d89a886b6edd2d6d8cf0f3c9252d40fda5d4f11
- SHA256
  
  79a0c053eb1b1ebbf36faf5a6464a3e20ad9dd36c317212a9ff7c4ae8de08224
- SHA512
  
  ffab585da975174372dd537a03436b4a01abef81b1a16a5dbfc04383694859c05a75658e6cd61c734b1ad4751a744f645af5d21a76989dcdc9fc60886d23e003
- SSDEEP
  
  1536:Htq94hUwA6CTC7ckEtCJTmHH5jXHdQ/JoUJsV44cpU:xS6CGAkESQ5jHdQBJs
Score

8^/10

discovery persistence
- Adds policy Run key to start application
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence