1565d137d235b65af1d1e4963ebc02eaf36cc81f870534674983bc6f67e5e274 | Triage

Sharing

General

Target

1565d137d235b65af1d1e4963ebc02eaf36cc81f870534674983bc6f67e5e274.exe
Size

6.5MB
Sample

241119-xkrzea1clj
MD5

431179691f1f5bcbcc184ce27427e8da
SHA1

b5616836e11bb7af8e97d04e2a022907149e256e
SHA256

1565d137d235b65af1d1e4963ebc02eaf36cc81f870534674983bc6f67e5e274
SHA512

948e9679edbcc75ca613acb9dadfa2b8eb3f02a8c0f817df98855e689e61712664aec905173ae2267802334aae0708a1d4c2ddcf4ac31b03ba139df8ced9da43
SSDEEP

196608:ceO6GGokyYvHdj6HjGLQWPSZhaNsdz/LdbWox:ceffyY1j6DGUW9sdjRbFx

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  1565d137d235b65af1d1e4963ebc02eaf36cc81f870534674983bc6f67e5e274.exe
- Size
  
  6.5MB
- MD5
  
  431179691f1f5bcbcc184ce27427e8da
- SHA1
  
  b5616836e11bb7af8e97d04e2a022907149e256e
- SHA256
  
  1565d137d235b65af1d1e4963ebc02eaf36cc81f870534674983bc6f67e5e274
- SHA512
  
  948e9679edbcc75ca613acb9dadfa2b8eb3f02a8c0f817df98855e689e61712664aec905173ae2267802334aae0708a1d4c2ddcf4ac31b03ba139df8ced9da43
- SSDEEP
  
  196608:ceO6GGokyYvHdj6HjGLQWPSZhaNsdz/LdbWox:ceffyY1j6DGUW9sdjRbFx
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence