db77c45c3f003c0b27bb0b0caef5d4defa9791e53d6cc71f8b526ba6995b8253 | Triage

Sharing

General

Target

db77c45c3f003c0b27bb0b0caef5d4defa9791e53d6cc71f8b526ba6995b8253.exe
Size

245KB
Sample

241121-nbb26a1qbz
MD5

2f295285aa65cbe996257e8d42de7a4a
SHA1

4a4e1766f4f68afb370437cc6973787d12116661
SHA256

db77c45c3f003c0b27bb0b0caef5d4defa9791e53d6cc71f8b526ba6995b8253
SHA512

eec08a8a5b7361c17bb52e7c344e596de45d357ea83c964e7a313140b6c0860cc89156bc4ad3484163cb77cbc22ad4c35893d24b86360040490c914f074de6be
SSDEEP

3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/B8tkgnYHfQlAq:o68i3odBiTl2+TCU/Kk8KfQlE7q

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  db77c45c3f003c0b27bb0b0caef5d4defa9791e53d6cc71f8b526ba6995b8253.exe
- Size
  
  245KB
- MD5
  
  2f295285aa65cbe996257e8d42de7a4a
- SHA1
  
  4a4e1766f4f68afb370437cc6973787d12116661
- SHA256
  
  db77c45c3f003c0b27bb0b0caef5d4defa9791e53d6cc71f8b526ba6995b8253
- SHA512
  
  eec08a8a5b7361c17bb52e7c344e596de45d357ea83c964e7a313140b6c0860cc89156bc4ad3484163cb77cbc22ad4c35893d24b86360040490c914f074de6be
- SSDEEP
  
  3072:/cT9g8immW6Pozkk2eKs/CSr2nQ/E2S5ny+bF2u1I+ddDK7Hlq/B8tkgnYHfQlAq:o68i3odBiTl2+TCU/Kk8KfQlE7q
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence