9d1d3045b1497995f9c027bf91ea1d0905d0b227a5e15440a1e6327efce43160 | Triage

Sharing

General

Target

9d1d3045b1497995f9c027bf91ea1d0905d0b227a5e15440a1e6327efce43160
Size

55KB
Sample

221003-kbaybaehf7
MD5

66e508392bd995585d8a0a062233709b
SHA1

45cbe286794853d1690c51f5f13d471697b65dbe
SHA256

9d1d3045b1497995f9c027bf91ea1d0905d0b227a5e15440a1e6327efce43160
SHA512

3ad68bd171465193483eaecfd0ffc6de201f9919778e170505a8c59887cf7241b74d2d3cd42e62c8d2ee610b063a59bada391bfde48d91859ed1bec41613c3d0
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfF:V3cpyORJLuB4P4AJJv4Romu/9tpvUZ1

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  9d1d3045b1497995f9c027bf91ea1d0905d0b227a5e15440a1e6327efce43160
- Size
  
  55KB
- MD5
  
  66e508392bd995585d8a0a062233709b
- SHA1
  
  45cbe286794853d1690c51f5f13d471697b65dbe
- SHA256
  
  9d1d3045b1497995f9c027bf91ea1d0905d0b227a5e15440a1e6327efce43160
- SHA512
  
  3ad68bd171465193483eaecfd0ffc6de201f9919778e170505a8c59887cf7241b74d2d3cd42e62c8d2ee610b063a59bada391bfde48d91859ed1bec41613c3d0
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfF:V3cpyORJLuB4P4AJJv4Romu/9tpvUZ1
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2