ed79100c1e1051ddce0e08da195154ff4ef2cbb73ae650251596c5d135f89050 | Triage

Sharing

General

Target

ed79100c1e1051ddce0e08da195154ff4ef2cbb73ae650251596c5d135f89050N.exe
Size

93KB
Sample

241121-l2vwvavrcn
MD5

e4a98e87a9335207fd785a7ac84d8c90
SHA1

ae86720e0e0e70a277cf15714f90c5b41f0bb4d9
SHA256

ed79100c1e1051ddce0e08da195154ff4ef2cbb73ae650251596c5d135f89050
SHA512

6c06cc4a6580bdd44599a9fe68d94e53fd648fa2aba736f88ea73b3308e94abc084cac58dbb516a1f1b2219c4e3f5bb2bcadf7fac42208821353057b7cd207b7
SSDEEP

1536:OUMTIGU8vM3dG7l5rphVgEQF5NM4Jt78eRL2h+nhMJ41me:ObTIGbvM3dIhVYFU4JtVRqYnCJ41me

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  ed79100c1e1051ddce0e08da195154ff4ef2cbb73ae650251596c5d135f89050N.exe
- Size
  
  93KB
- MD5
  
  e4a98e87a9335207fd785a7ac84d8c90
- SHA1
  
  ae86720e0e0e70a277cf15714f90c5b41f0bb4d9
- SHA256
  
  ed79100c1e1051ddce0e08da195154ff4ef2cbb73ae650251596c5d135f89050
- SHA512
  
  6c06cc4a6580bdd44599a9fe68d94e53fd648fa2aba736f88ea73b3308e94abc084cac58dbb516a1f1b2219c4e3f5bb2bcadf7fac42208821353057b7cd207b7
- SSDEEP
  
  1536:OUMTIGU8vM3dG7l5rphVgEQF5NM4Jt78eRL2h+nhMJ41me:ObTIGbvM3dIhVYFU4JtVRqYnCJ41me
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence