121bfcb759e561bca3f63777498646c80d030a92dac5a27c7c9cc8f5581e672e | Triage

Sharing

General

Target

fyjsdfcawd.exe
Size

29KB
Sample

241227-s9ggrawrbt
MD5

3ace4cb9af0f0a2788212b3ec9dd4a4e
SHA1

2914bd74b5553f5f4dbd5f7b23bc00d04a2c77cb
SHA256

121bfcb759e561bca3f63777498646c80d030a92dac5a27c7c9cc8f5581e672e
SHA512

76ecc354b1fb5bf93f18bbe9f85401ef40e0826f7eea73a0cb5afda5d69ec384a459c07b6cc2386176888978d2dbb9bac9360e249114c59799de0984bbba5c56
SSDEEP

384:EhEy+hzv91UqVY8+JppEhKe+Ej7sI4GSFdX9NAb/QX22r5A/w/o0el7xI:IEy+hT91UqVY8+XpEh6CMs7gx/o17

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fyjsdfcawd.exe
- Size
  
  29KB
- MD5
  
  3ace4cb9af0f0a2788212b3ec9dd4a4e
- SHA1
  
  2914bd74b5553f5f4dbd5f7b23bc00d04a2c77cb
- SHA256
  
  121bfcb759e561bca3f63777498646c80d030a92dac5a27c7c9cc8f5581e672e
- SHA512
  
  76ecc354b1fb5bf93f18bbe9f85401ef40e0826f7eea73a0cb5afda5d69ec384a459c07b6cc2386176888978d2dbb9bac9360e249114c59799de0984bbba5c56
- SSDEEP
  
  384:EhEy+hzv91UqVY8+JppEhKe+Ej7sI4GSFdX9NAb/QX22r5A/w/o0el7xI:IEy+hT91UqVY8+XpEh6CMs7gx/o17
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2