11604a6c8405d73c946f32f36aca33025fcb2a77ed50ab26a4b2197ad8ab8dd8 | Triage

Sharing

General

Target

11604a6c8405d73c946f32f36aca33025fcb2a77ed50ab26a4b2197ad8ab8dd8
Size

1.1MB
Sample

241121-n3p34asjdw
MD5

ea70886e83770e19d38ca5a949e0bb51
SHA1

d357f7cab0cbca4ba61d9d7247c801464ebb52cf
SHA256

11604a6c8405d73c946f32f36aca33025fcb2a77ed50ab26a4b2197ad8ab8dd8
SHA512

3417dd69c7e1a6e9ae3a81f596452266a5d7b3f546ea48d60790f1dabd9e9b990780a620b4ad6e7497214922f41bb84b4ad424c1f822324fb70037c61d9c5609
SSDEEP

24576:4qg8zeKPja85nd0T9RAN0P30mqym6hzsGoRlG4qqjwg1mRWRu1:44zeI/0XqymkulG4qmxmiu1

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  11604a6c8405d73c946f32f36aca33025fcb2a77ed50ab26a4b2197ad8ab8dd8
- Size
  
  1.1MB
- MD5
  
  ea70886e83770e19d38ca5a949e0bb51
- SHA1
  
  d357f7cab0cbca4ba61d9d7247c801464ebb52cf
- SHA256
  
  11604a6c8405d73c946f32f36aca33025fcb2a77ed50ab26a4b2197ad8ab8dd8
- SHA512
  
  3417dd69c7e1a6e9ae3a81f596452266a5d7b3f546ea48d60790f1dabd9e9b990780a620b4ad6e7497214922f41bb84b4ad424c1f822324fb70037c61d9c5609
- SSDEEP
  
  24576:4qg8zeKPja85nd0T9RAN0P30mqym6hzsGoRlG4qqjwg1mRWRu1:44zeI/0XqymkulG4qmxmiu1
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence