93f4edd6fd20e0aeaec603ea5212c066ef07180301ea53aede7bde05343839f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93f4edd6fd20e0aeaec603ea5212c066ef07180301ea53aede7bde05343839f6
Size

80KB
Sample

221002-jg31lseba9
MD5

706c809b5ae21072bfe19e007b27709f
SHA1

64bf2022f8b5d6286a794241fd728c96ee718460
SHA256

93f4edd6fd20e0aeaec603ea5212c066ef07180301ea53aede7bde05343839f6
SHA512

5418980a916b8c3474789fdf2c34e946b715f21b758164c2a5e203e555a70f3b31140cc4e4bff248605b768bceec2859435c8df1568cf41beb9e597d51c68420
SSDEEP

1536:EsKdger16Lti8n42APNR2dcScLcPcxeTanuUHWOls3xxNMq39gk34iS6G:Fe64PNEdcScLcPcfnuH0yG

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  93f4edd6fd20e0aeaec603ea5212c066ef07180301ea53aede7bde05343839f6
- Size
  
  80KB
- MD5
  
  706c809b5ae21072bfe19e007b27709f
- SHA1
  
  64bf2022f8b5d6286a794241fd728c96ee718460
- SHA256
  
  93f4edd6fd20e0aeaec603ea5212c066ef07180301ea53aede7bde05343839f6
- SHA512
  
  5418980a916b8c3474789fdf2c34e946b715f21b758164c2a5e203e555a70f3b31140cc4e4bff248605b768bceec2859435c8df1568cf41beb9e597d51c68420
- SSDEEP
  
  1536:EsKdger16Lti8n42APNR2dcScLcPcxeTanuUHWOls3xxNMq39gk34iS6G:Fe64PNEdcScLcPcfnuH0yG
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence