8b2513bcc07cd20d6d9fa96a7c2d97e68c3a61b4183eb9ef05f37e5c7ab0f09e | Triage

Sharing

General

Target

8b2513bcc07cd20d6d9fa96a7c2d97e68c3a61b4183eb9ef05f37e5c7ab0f09e.exe
Size

1.1MB
Sample

241121-l7v4ss1hrl
MD5

087b319f60b731d59495f4765b4cb791
SHA1

20a7c5f5f3c77c298295e5fb94ddb3677749bffd
SHA256

8b2513bcc07cd20d6d9fa96a7c2d97e68c3a61b4183eb9ef05f37e5c7ab0f09e
SHA512

311bb3a91d8e3444f10dc85fea9952761ebeed9aaac724d889a2bd102ddd302f12cbde23e25af469b7d3e2837d57e42a6e05978fdb032f3063f32b4f571a4274
SSDEEP

24576:4qg8zeKPja85nd0T9RAN0P30mqym6hzsGoRlG4qqjwg1mRWRuM:44zeI/0XqymkulG4qmxmiuM

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  8b2513bcc07cd20d6d9fa96a7c2d97e68c3a61b4183eb9ef05f37e5c7ab0f09e.exe
- Size
  
  1.1MB
- MD5
  
  087b319f60b731d59495f4765b4cb791
- SHA1
  
  20a7c5f5f3c77c298295e5fb94ddb3677749bffd
- SHA256
  
  8b2513bcc07cd20d6d9fa96a7c2d97e68c3a61b4183eb9ef05f37e5c7ab0f09e
- SHA512
  
  311bb3a91d8e3444f10dc85fea9952761ebeed9aaac724d889a2bd102ddd302f12cbde23e25af469b7d3e2837d57e42a6e05978fdb032f3063f32b4f571a4274
- SSDEEP
  
  24576:4qg8zeKPja85nd0T9RAN0P30mqym6hzsGoRlG4qqjwg1mRWRuM:44zeI/0XqymkulG4qmxmiuM
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence