a93af1b552755ae97499973701836ccfb6194db4e5961a32382c3a86f753527e | Triage

Sharing

General

Target

a93af1b552755ae97499973701836ccfb6194db4e5961a32382c3a86f753527e.exe
Size

26KB
Sample

241120-ekvq7azpht
MD5

b12127c8d3175041eacf97703991abd9
SHA1

01bab3cd033989d3f452a26d9c8dd621bfedd1dc
SHA256

a93af1b552755ae97499973701836ccfb6194db4e5961a32382c3a86f753527e
SHA512

bf93efb6372dcd6fc69769e10d324c0dcbd8cc298f0a143e36d87767e8116b93a0bb31740bb943f51cb8dce5cf7aa796841473741bd9b4bc4b64ca42c16c7286
SSDEEP

768:qq3G3q83wdv7GLGS1R9TNoINEx9jnhwr+i:Jkq83wdv7Gt8i

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  a93af1b552755ae97499973701836ccfb6194db4e5961a32382c3a86f753527e.exe
- Size
  
  26KB
- MD5
  
  b12127c8d3175041eacf97703991abd9
- SHA1
  
  01bab3cd033989d3f452a26d9c8dd621bfedd1dc
- SHA256
  
  a93af1b552755ae97499973701836ccfb6194db4e5961a32382c3a86f753527e
- SHA512
  
  bf93efb6372dcd6fc69769e10d324c0dcbd8cc298f0a143e36d87767e8116b93a0bb31740bb943f51cb8dce5cf7aa796841473741bd9b4bc4b64ca42c16c7286
- SSDEEP
  
  768:qq3G3q83wdv7GLGS1R9TNoINEx9jnhwr+i:Jkq83wdv7Gt8i
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence