33ae72525d0263f9a7f5e9fa350e8707c719564cb628458f9c6d69a8c696ec90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33ae72525d0263f9a7f5e9fa350e8707c719564cb628458f9c6d69a8c696ec90
Size

256KB
Sample

220919-mhldqsgfdn
MD5

9b4a98fcabca2211163ddb197454ed34
SHA1

28d6a4c25dd121d50e9198eee9324fb717eb5943
SHA256

33ae72525d0263f9a7f5e9fa350e8707c719564cb628458f9c6d69a8c696ec90
SHA512

57445ccfa1902e0732d4a05a8d157813a8e39106247655244786ffa8c1f9d14872668f4304e63f2029d571db39f987f3547424643f6929ec272f013d0f51ff15
SSDEEP

6144:fBawbQXn2J5V2aWOKojDOgbTnNkyjZjj+:fAwbQWoOKojDOgbTNku

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  33ae72525d0263f9a7f5e9fa350e8707c719564cb628458f9c6d69a8c696ec90
- Size
  
  256KB
- MD5
  
  9b4a98fcabca2211163ddb197454ed34
- SHA1
  
  28d6a4c25dd121d50e9198eee9324fb717eb5943
- SHA256
  
  33ae72525d0263f9a7f5e9fa350e8707c719564cb628458f9c6d69a8c696ec90
- SHA512
  
  57445ccfa1902e0732d4a05a8d157813a8e39106247655244786ffa8c1f9d14872668f4304e63f2029d571db39f987f3547424643f6929ec272f013d0f51ff15
- SSDEEP
  
  6144:fBawbQXn2J5V2aWOKojDOgbTnNkyjZjj+:fAwbQWoOKojDOgbTNku
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence