46ad206fa4fd79cc79a34252b1ce148c4558d17dc132fc397ae5f4f7090a8723 | Triage

Sharing

General

Target

46ad206fa4fd79cc79a34252b1ce148c4558d17dc132fc397ae5f4f7090a8723.exe
Size

995KB
Sample

241119-xq6pra1dnq
MD5

2bb39f47f37a58cfc83e061f2bb29bfd
SHA1

4f54efaeb7ac015bd168e4e9dd10119a46d8aab2
SHA256

46ad206fa4fd79cc79a34252b1ce148c4558d17dc132fc397ae5f4f7090a8723
SHA512

46f081e54d6745f97c9e88b614d103d272a2ec1809ae85f7bf91183d2e717a65030f822936364d0fdde580d03e12d2a554fd8de3297e3f9211e8075a8fe4e019
SSDEEP

24576:qGRzatThRiVNbLGJv6plFh9iGa2oMYMgdsHGV:D8TjFJspDLoVMgdkq

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  46ad206fa4fd79cc79a34252b1ce148c4558d17dc132fc397ae5f4f7090a8723.exe
- Size
  
  995KB
- MD5
  
  2bb39f47f37a58cfc83e061f2bb29bfd
- SHA1
  
  4f54efaeb7ac015bd168e4e9dd10119a46d8aab2
- SHA256
  
  46ad206fa4fd79cc79a34252b1ce148c4558d17dc132fc397ae5f4f7090a8723
- SHA512
  
  46f081e54d6745f97c9e88b614d103d272a2ec1809ae85f7bf91183d2e717a65030f822936364d0fdde580d03e12d2a554fd8de3297e3f9211e8075a8fe4e019
- SSDEEP
  
  24576:qGRzatThRiVNbLGJv6plFh9iGa2oMYMgdsHGV:D8TjFJspDLoVMgdkq
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence