9385e407b10421e29bc56b8f458f5573ef72beb7343d5cf54d7271e7f6d3850d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9385e407b10421e29bc56b8f458f5573ef72beb7343d5cf54d7271e7f6d3850dN
Size

2.1MB
Sample

241001-h6y8aaxdlk
MD5

8bf7be7eaefb3440b9ee0854ad5a5940
SHA1

45a3b626bd5cf7a133860481a7004107f13112ea
SHA256

9385e407b10421e29bc56b8f458f5573ef72beb7343d5cf54d7271e7f6d3850d
SHA512

77bb190abca5b1216396159fa951d757a0f1204ef05b54c4af96fcfa153bea259fa145f66f17bf0eba6cf9a54679b68a60923f1069f2b5f4d0fe84a387f14f87
SSDEEP

24576:eTCwOJFNEy558fDlu4hKWBAjho5i9cBM9vyXsxDjQ0CIY6EDlQ7u0nEFcdjrfM:0OzN2cTBw6gW+Y0

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  9385e407b10421e29bc56b8f458f5573ef72beb7343d5cf54d7271e7f6d3850dN
- Size
  
  2.1MB
- MD5
  
  8bf7be7eaefb3440b9ee0854ad5a5940
- SHA1
  
  45a3b626bd5cf7a133860481a7004107f13112ea
- SHA256
  
  9385e407b10421e29bc56b8f458f5573ef72beb7343d5cf54d7271e7f6d3850d
- SHA512
  
  77bb190abca5b1216396159fa951d757a0f1204ef05b54c4af96fcfa153bea259fa145f66f17bf0eba6cf9a54679b68a60923f1069f2b5f4d0fe84a387f14f87
- SSDEEP
  
  24576:eTCwOJFNEy558fDlu4hKWBAjho5i9cBM9vyXsxDjQ0CIY6EDlQ7u0nEFcdjrfM:0OzN2cTBw6gW+Y0
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence