f32692f89078c5a706ba5d93f70db5cd23c1b0496add07ba1733cf327ece6fba | Triage

Sharing

General

Target

f32692f89078c5a706ba5d93f70db5cd23c1b0496add07ba1733cf327ece6fba
Size

48KB
Sample

221002-2e4s8sddf5
MD5

3157ecbb198eba00cf410404bd945fa0
SHA1

c90156194aae82f64d00c3e76a47cef32780e318
SHA256

f32692f89078c5a706ba5d93f70db5cd23c1b0496add07ba1733cf327ece6fba
SHA512

fe4346855204c69eb5e5b439b60d3777bb1cd34f0a8ff8d69ac7a5d033f896261655a065322468165dba25fde88773d0ba9520e8fbf5dcb1c73d6ef05e84d480
SSDEEP

768:7eEJbt6huGYK/ctgTVH7NHaurxmWXOQfwoObuPb77e0:7eEBFRml5lXAoO+H79

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  f32692f89078c5a706ba5d93f70db5cd23c1b0496add07ba1733cf327ece6fba
- Size
  
  48KB
- MD5
  
  3157ecbb198eba00cf410404bd945fa0
- SHA1
  
  c90156194aae82f64d00c3e76a47cef32780e318
- SHA256
  
  f32692f89078c5a706ba5d93f70db5cd23c1b0496add07ba1733cf327ece6fba
- SHA512
  
  fe4346855204c69eb5e5b439b60d3777bb1cd34f0a8ff8d69ac7a5d033f896261655a065322468165dba25fde88773d0ba9520e8fbf5dcb1c73d6ef05e84d480
- SSDEEP
  
  768:7eEJbt6huGYK/ctgTVH7NHaurxmWXOQfwoObuPb77e0:7eEBFRml5lXAoO+H79
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence