09c47fef7431253e53f85a3abbfc33f68fd8ed60a5c006b1398489a371c1b847 | Triage

Sharing

General

Target

09c47fef7431253e53f85a3abbfc33f68fd8ed60a5c006b1398489a371c1b847
Size

43KB
Sample

240929-w3ftesyeja
MD5

fbf78e9ca07bf4b3d1744f608c2e9130
SHA1

d41da6db00da33a316a5fde858ef2c8f4aba5210
SHA256

09c47fef7431253e53f85a3abbfc33f68fd8ed60a5c006b1398489a371c1b847
SHA512

1200c1ff748830f9f0de8a0ec0643d970f656326aff107da7df8302b44f5b87a070d0f592d94d2d871a63f6ec03cb0c6d7ed45513c557b46d73b01b5d292fa8e
SSDEEP

768:nOajlmN8cv9awhpBphFbQWOdoOyfL2z5pTPpVyVo8R555SGNgGgKwCtQH/uD:nOa8Z9h9cWOXILS5RaqAr5SugGgotQHq

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  09c47fef7431253e53f85a3abbfc33f68fd8ed60a5c006b1398489a371c1b847
- Size
  
  43KB
- MD5
  
  fbf78e9ca07bf4b3d1744f608c2e9130
- SHA1
  
  d41da6db00da33a316a5fde858ef2c8f4aba5210
- SHA256
  
  09c47fef7431253e53f85a3abbfc33f68fd8ed60a5c006b1398489a371c1b847
- SHA512
  
  1200c1ff748830f9f0de8a0ec0643d970f656326aff107da7df8302b44f5b87a070d0f592d94d2d871a63f6ec03cb0c6d7ed45513c557b46d73b01b5d292fa8e
- SSDEEP
  
  768:nOajlmN8cv9awhpBphFbQWOdoOyfL2z5pTPpVyVo8R555SGNgGgKwCtQH/uD:nOa8Z9h9cWOXILS5RaqAr5SugGgotQHq
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2