a4d66825bbb4bd8332dafc57dc7bdfe38888d72e1616b75924cd115a55da3d75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TheYalioptimization.exe
Size

1.1MB
Sample

240911-phjagszhjh
MD5

e95c73bed223742b3168d86504f4ad16
SHA1

ddf882953bd8f510596b2697d021057a45afa2d4
SHA256

a4d66825bbb4bd8332dafc57dc7bdfe38888d72e1616b75924cd115a55da3d75
SHA512

3fdaf9dbf230b93ddae435247f3d46d0e312bf95b06be3da5b8fe16138e60510007e456b707fed47b980432a91f2f6eebfa6da7561af3865769cb0c00a8a3b5b
SSDEEP

12288:qOxPkPjQeqQ1Y53KRYTd25O07Y1iuJ0F+Z0ky3ETd25O07Y1iuJ0F+Z0ky3TEaGY:8EeqQq3KSTd50E1pkETd50E1pkToY

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  TheYalioptimization.exe
- Size
  
  1.1MB
- MD5
  
  e95c73bed223742b3168d86504f4ad16
- SHA1
  
  ddf882953bd8f510596b2697d021057a45afa2d4
- SHA256
  
  a4d66825bbb4bd8332dafc57dc7bdfe38888d72e1616b75924cd115a55da3d75
- SHA512
  
  3fdaf9dbf230b93ddae435247f3d46d0e312bf95b06be3da5b8fe16138e60510007e456b707fed47b980432a91f2f6eebfa6da7561af3865769cb0c00a8a3b5b
- SSDEEP
  
  12288:qOxPkPjQeqQ1Y53KRYTd25O07Y1iuJ0F+Z0ky3ETd25O07Y1iuJ0F+Z0ky3TEaGY:8EeqQq3KSTd50E1pkETd50E1pkToY
Score

8^/10

persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2