4aa1a9f773c90c1c380ed15e6f1b566287aac2f0751588a83661225c04fb24bf | Triage

Sharing

General

Target

4aa1a9f773c90c1c380ed15e6f1b566287aac2f0751588a83661225c04fb24bf
Size

55KB
Sample

221011-efgzjadce8
MD5

6a91be324b928e26cae2c05d80faa460
SHA1

b87a153968c7c2491b7b0db4b507c50b7eef5e5e
SHA256

4aa1a9f773c90c1c380ed15e6f1b566287aac2f0751588a83661225c04fb24bf
SHA512

10dda0d888ffec67f312fb1725b4c467cd6c4cb93d68107db8d4b0969f64c7b809356a30d7b0905b783c6ccc2c32e39e5ee56ca29343efa8174490f928048981
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfi:V3cpyORJLuB4P4AJJv4Romu/9tpvUZS

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  4aa1a9f773c90c1c380ed15e6f1b566287aac2f0751588a83661225c04fb24bf
- Size
  
  55KB
- MD5
  
  6a91be324b928e26cae2c05d80faa460
- SHA1
  
  b87a153968c7c2491b7b0db4b507c50b7eef5e5e
- SHA256
  
  4aa1a9f773c90c1c380ed15e6f1b566287aac2f0751588a83661225c04fb24bf
- SHA512
  
  10dda0d888ffec67f312fb1725b4c467cd6c4cb93d68107db8d4b0969f64c7b809356a30d7b0905b783c6ccc2c32e39e5ee56ca29343efa8174490f928048981
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfi:V3cpyORJLuB4P4AJJv4Romu/9tpvUZS
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2