dba900db2a689c1318dd5a3b5cebb4a88ade88eb744bec959d4e3a8fd70e7bf2 | Triage

Sharing

General

Target

dba900db2a689c1318dd5a3b5cebb4a88ade88eb744bec959d4e3a8fd70e7bf2
Size

36KB
Sample

221003-vsq1zagchj
MD5

37e5470956895fcf69748e381ebe17f0
SHA1

ab0bad3a2da09592c5406428a398508d97de3d3a
SHA256

dba900db2a689c1318dd5a3b5cebb4a88ade88eb744bec959d4e3a8fd70e7bf2
SHA512

19c71ddeb17f10707eb58371b29958fa7fb9c36a88352a3c2c2dff6eae5bf201126c1f6496b1afdfff30eab9b25b2804488aed900205c97b46bd0149e2675667
SSDEEP

768:fECve+SVF51Nh5FO63GW77rt/apDAHgpsA/3fY:Fve+251Nh5Q69rNa1Ugewg

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  dba900db2a689c1318dd5a3b5cebb4a88ade88eb744bec959d4e3a8fd70e7bf2
- Size
  
  36KB
- MD5
  
  37e5470956895fcf69748e381ebe17f0
- SHA1
  
  ab0bad3a2da09592c5406428a398508d97de3d3a
- SHA256
  
  dba900db2a689c1318dd5a3b5cebb4a88ade88eb744bec959d4e3a8fd70e7bf2
- SHA512
  
  19c71ddeb17f10707eb58371b29958fa7fb9c36a88352a3c2c2dff6eae5bf201126c1f6496b1afdfff30eab9b25b2804488aed900205c97b46bd0149e2675667
- SSDEEP
  
  768:fECve+SVF51Nh5FO63GW77rt/apDAHgpsA/3fY:Fve+251Nh5Q69rNa1Ugewg
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2