dd97cc02fd7bc24bbfe09f78c106c3956aeb33c809c50493bac30fe10edf23d6 | Triage

Sharing

General

Target

dd97cc02fd7bc24bbfe09f78c106c3956aeb33c809c50493bac30fe10edf23d6
Size

148KB
Sample

221003-ttjslseecm
MD5

568f69c305e5443d2fc3d90105ec2231
SHA1

42f05cd9ea7c7945a05afdebfb6b161a706cb615
SHA256

dd97cc02fd7bc24bbfe09f78c106c3956aeb33c809c50493bac30fe10edf23d6
SHA512

28e7b7f00f5fd995856148ec9678fdfc01dec4f5e4b5626516f9b8d01af7ef6bbd2e644050b675f478c9d25f154c138d2e22bcdf90964190d7c0dfed8f5c4bf5
SSDEEP

1536:po9LCOf4BlqPAK1lxnX+PBcRlouQvSPouXZ6D6Jj5wl+dwCMZUbP7X2YhxYAZxZb:G4KalqPpR+Pco6ouZ68Kl+dnMZUbxd

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  dd97cc02fd7bc24bbfe09f78c106c3956aeb33c809c50493bac30fe10edf23d6
- Size
  
  148KB
- MD5
  
  568f69c305e5443d2fc3d90105ec2231
- SHA1
  
  42f05cd9ea7c7945a05afdebfb6b161a706cb615
- SHA256
  
  dd97cc02fd7bc24bbfe09f78c106c3956aeb33c809c50493bac30fe10edf23d6
- SHA512
  
  28e7b7f00f5fd995856148ec9678fdfc01dec4f5e4b5626516f9b8d01af7ef6bbd2e644050b675f478c9d25f154c138d2e22bcdf90964190d7c0dfed8f5c4bf5
- SSDEEP
  
  1536:po9LCOf4BlqPAK1lxnX+PBcRlouQvSPouXZ6D6Jj5wl+dwCMZUbP7X2YhxYAZxZb:G4KalqPpR+Pco6ouZ68Kl+dnMZUbxd
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence