751cc9184210f15183a6df465d30a8f9904839e3312107615eba1d4b076e303a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

751cc9184210f15183a6df465d30a8f9904839e3312107615eba1d4b076e303a
Size

156KB
Sample

221003-djbfgsegfm
MD5

5c175e39c39e7b441e5066d090479ca0
SHA1

f2cb3e42fb44cdbd18f1d5ead5af65d3d34a23da
SHA256

751cc9184210f15183a6df465d30a8f9904839e3312107615eba1d4b076e303a
SHA512

3bea99bc97bb82cb64d226a40149048d2150080be77c6c743475f6b5a756d1a3fa7cc397c9f68bad992ff8844a2c153aeea7561a06dc75816a957c81d9701985
SSDEEP

3072:DpJW7AiFgyqTRlU3NhCBvu9pjZEwDxdr8JrC9y:9JmORl+NhwWrjuwDQUA

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  751cc9184210f15183a6df465d30a8f9904839e3312107615eba1d4b076e303a
- Size
  
  156KB
- MD5
  
  5c175e39c39e7b441e5066d090479ca0
- SHA1
  
  f2cb3e42fb44cdbd18f1d5ead5af65d3d34a23da
- SHA256
  
  751cc9184210f15183a6df465d30a8f9904839e3312107615eba1d4b076e303a
- SHA512
  
  3bea99bc97bb82cb64d226a40149048d2150080be77c6c743475f6b5a756d1a3fa7cc397c9f68bad992ff8844a2c153aeea7561a06dc75816a957c81d9701985
- SSDEEP
  
  3072:DpJW7AiFgyqTRlU3NhCBvu9pjZEwDxdr8JrC9y:9JmORl+NhwWrjuwDQUA
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence