8211656a6a184b80dc03848ed1edc4bd31ade58f8cdf6f2f607073ebea9ee091 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc43920b652544c7c3001348e8c74cff.zip
Size

92KB
Sample

240903-byny1starr
MD5

8d135c49af21de7202eb718f76d780ff
SHA1

56f4b7ae5b9796919aa622ce3b25380e48eb463b
SHA256

8211656a6a184b80dc03848ed1edc4bd31ade58f8cdf6f2f607073ebea9ee091
SHA512

ab741a17fbf4a19fc97a270860750c9ec2c53c8b0a5158a04c87ba11fd3b739d157f9dfec2fd88651f920fa92fc217c4aaaccdb0c303aa7168e4e50accd376ba
SSDEEP

1536:qwfrJUUhCbEdF8mO8eJJmVVblsvM36nmWq3Vk0/trwBohsziVuyzJJ1NObc66kcN:7J9sEdF8mO8eSjl76/4VP/hwdyHNJkcN

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ecd469a9a3f579b3909181999360995dc5b5b34f67d942aee6dfcef411f3d5cb
- Size
  
  196KB
- MD5
  
  bc43920b652544c7c3001348e8c74cff
- SHA1
  
  048aaa0cf192f481584703d7fa10b099492bdfc0
- SHA256
  
  ecd469a9a3f579b3909181999360995dc5b5b34f67d942aee6dfcef411f3d5cb
- SHA512
  
  168f4ce9064d01fdcb7ee07f4b47bd22542ae163cc4783271cf03bfc2d2ce9d9a5ad0e74db324b5c8e1123fd9478b4d10bc3038b0d3af930c973bb51999d717a
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/B8+:o68i3odBiTl2+TCU/F
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence