67a2a4abaae37860de30433e5e1e5805c5c63d0f30e754ea7febb2804cd075dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67a2a4abaae37860de30433e5e1e5805c5c63d0f30e754ea7febb2804cd075dd
Size

55KB
Sample

221003-ngb94sdef2
MD5

614752d5f413a14cd1efe64d861ef8a8
SHA1

a57a8bf0993329310553f336e70ad6829da3fb1c
SHA256

67a2a4abaae37860de30433e5e1e5805c5c63d0f30e754ea7febb2804cd075dd
SHA512

ffa93c7bc10bf6de93c0aaeee1f711efc094f26e0138fc1d6c967c5a4d622af5e62838e6aaf5ff59333dfbd2d67881414d44d8ef8cd09947f665a17f99eab6c2
SSDEEP

1536:V3cpyORJLuB4P4AJJv4Romu/3LaNHRIdweg:V3c1fP4AJJv45wcew

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  67a2a4abaae37860de30433e5e1e5805c5c63d0f30e754ea7febb2804cd075dd
- Size
  
  55KB
- MD5
  
  614752d5f413a14cd1efe64d861ef8a8
- SHA1
  
  a57a8bf0993329310553f336e70ad6829da3fb1c
- SHA256
  
  67a2a4abaae37860de30433e5e1e5805c5c63d0f30e754ea7febb2804cd075dd
- SHA512
  
  ffa93c7bc10bf6de93c0aaeee1f711efc094f26e0138fc1d6c967c5a4d622af5e62838e6aaf5ff59333dfbd2d67881414d44d8ef8cd09947f665a17f99eab6c2
- SSDEEP
  
  1536:V3cpyORJLuB4P4AJJv4Romu/3LaNHRIdweg:V3c1fP4AJJv45wcew
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2