39925d4766823bb7883ca33b96baa0a1d072a7f976decc76cc9e38a103c957d4 | Triage

Sharing

General

Target

39925d4766823bb7883ca33b96baa0a1d072a7f976decc76cc9e38a103c957d4
Size

252KB
Sample

221002-a1mnasfcgp
MD5

6573f757ecba6c0da6f515f172c29000
SHA1

d67259bda67f01d0620f705efc9cdd31ca7ce08c
SHA256

39925d4766823bb7883ca33b96baa0a1d072a7f976decc76cc9e38a103c957d4
SHA512

625f716a33162499ab29d73393984e1972ad8382b24b89e45a8ca8bc397fa8c1f390515100f90de6d7ed32ae18ab082e09fdf04249e9ed858075f9bd802ac637
SSDEEP

6144:DefHev4nGx/AMSDiaf2sG9+dUk8RlxHALcJ:6f+wnaAMSDiaf2sG991ALcJ

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  39925d4766823bb7883ca33b96baa0a1d072a7f976decc76cc9e38a103c957d4
- Size
  
  252KB
- MD5
  
  6573f757ecba6c0da6f515f172c29000
- SHA1
  
  d67259bda67f01d0620f705efc9cdd31ca7ce08c
- SHA256
  
  39925d4766823bb7883ca33b96baa0a1d072a7f976decc76cc9e38a103c957d4
- SHA512
  
  625f716a33162499ab29d73393984e1972ad8382b24b89e45a8ca8bc397fa8c1f390515100f90de6d7ed32ae18ab082e09fdf04249e9ed858075f9bd802ac637
- SSDEEP
  
  6144:DefHev4nGx/AMSDiaf2sG9+dUk8RlxHALcJ:6f+wnaAMSDiaf2sG991ALcJ
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence