f613e7d5ff65b6519ccfbc4ac85ab0ada56005294ee46583367b7e8983f52005 | Triage

Sharing

General

Target

f613e7d5ff65b6519ccfbc4ac85ab0ada56005294ee46583367b7e8983f52005N
Size

2.0MB
Sample

241001-vmq4sa1arj
MD5

e0942b859d85872b62b8ab1793edde90
SHA1

4322ef3c1ceb5c97dd4b5375bf70aefbc982f3a5
SHA256

f613e7d5ff65b6519ccfbc4ac85ab0ada56005294ee46583367b7e8983f52005
SHA512

f7cd593addf5bc5b3ba03b72b6a1f2e0020a3dc8008b7145e6a94dcca7570d518a5e47dc226d63772df4eae7ba485b8db8ba9963993e6c04f2341c3a9b960835
SSDEEP

24576:VLILY8Xu/3y8UsG2BgYLicwnkrCHdebUKyZURQ1TgjTb:iYrC8UsGuTwWCHdeQKyZURQ1EjTb

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  f613e7d5ff65b6519ccfbc4ac85ab0ada56005294ee46583367b7e8983f52005N
- Size
  
  2.0MB
- MD5
  
  e0942b859d85872b62b8ab1793edde90
- SHA1
  
  4322ef3c1ceb5c97dd4b5375bf70aefbc982f3a5
- SHA256
  
  f613e7d5ff65b6519ccfbc4ac85ab0ada56005294ee46583367b7e8983f52005
- SHA512
  
  f7cd593addf5bc5b3ba03b72b6a1f2e0020a3dc8008b7145e6a94dcca7570d518a5e47dc226d63772df4eae7ba485b8db8ba9963993e6c04f2341c3a9b960835
- SSDEEP
  
  24576:VLILY8Xu/3y8UsG2BgYLicwnkrCHdebUKyZURQ1TgjTb:iYrC8UsGuTwWCHdeQKyZURQ1EjTb
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence