dcf022c83dd3090ab93d331fadb4c145bed3323aba1e10e68caf0969b24c5910 | Triage

Submit
Reports

Overview

overview

Static

static

dcf022c83d...10.exe

windows7_x64

dcf022c83d...10.exe

windows10-2004_x64

Sharing

General

Target

dcf022c83dd3090ab93d331fadb4c145bed3323aba1e10e68caf0969b24c5910
Size

3.7MB
Sample

220520-19rlqaaafj
MD5

dcab6a3b553a1bce6c3202ba1d5b60bb
SHA1

89c7c300b75e288247dc767748934beacf44c62e
SHA256

dcf022c83dd3090ab93d331fadb4c145bed3323aba1e10e68caf0969b24c5910
SHA512

0143699c3600484dcce96d056c7bf6891e6fd9e8cc7e0a88aee350b49e257fbb7cae2028174ce1e2cf5f10bf8fed870101db5c745b670a8716a397e2c988489d

Score

10^/10

evasion persistence

Static task

static1

Behavioral task

behavioral1

Sample

dcf022c83dd3090ab93d331fadb4c145bed3323aba1e10e68caf0969b24c5910.exe

Resource

win7-20220414-en

evasion persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dcf022c83dd3090ab93d331fadb4c145bed3323aba1e10e68caf0969b24c5910.exe

Resource

win10v2004-20220414-en

evasion persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  dcf022c83dd3090ab93d331fadb4c145bed3323aba1e10e68caf0969b24c5910
- Size
  
  3.7MB
- MD5
  
  dcab6a3b553a1bce6c3202ba1d5b60bb
- SHA1
  
  89c7c300b75e288247dc767748934beacf44c62e
- SHA256
  
  dcf022c83dd3090ab93d331fadb4c145bed3323aba1e10e68caf0969b24c5910
- SHA512
  
  0143699c3600484dcce96d056c7bf6891e6fd9e8cc7e0a88aee350b49e257fbb7cae2028174ce1e2cf5f10bf8fed870101db5c745b670a8716a397e2c988489d
Score

10^/10

evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence

© 2018-2024

Terms | Privacy