7e83816aef333746e844bc051cf63757794636a30e9826becaac72a961a170e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e83816aef333746e844bc051cf63757794636a30e9826becaac72a961a170e3
Size

320KB
Sample

221011-ln8wjsgfer
MD5

692ac89574594d6dcf901e891fe97b50
SHA1

3c3a8a7afe34901c55114b0a719839517b5cdbc2
SHA256

7e83816aef333746e844bc051cf63757794636a30e9826becaac72a961a170e3
SHA512

b720ac61ead35d6421e7f68f1a069366300fbac4bd83bf5821cd4d28a49ad6ea2f945b095ec998a3e2c0189fd0dc73d0967ccb8ad30a9eda6e464401fdb1d218
SSDEEP

6144:wAea/XGccvg2N9rljS6/Vt6MwJD0i/pv8ZaROiixeq6N3sUjgHTvzfHuPwXKjKVv:ga/2vg2N9R5+voeq6N3sv6OVrD

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7e83816aef333746e844bc051cf63757794636a30e9826becaac72a961a170e3
- Size
  
  320KB
- MD5
  
  692ac89574594d6dcf901e891fe97b50
- SHA1
  
  3c3a8a7afe34901c55114b0a719839517b5cdbc2
- SHA256
  
  7e83816aef333746e844bc051cf63757794636a30e9826becaac72a961a170e3
- SHA512
  
  b720ac61ead35d6421e7f68f1a069366300fbac4bd83bf5821cd4d28a49ad6ea2f945b095ec998a3e2c0189fd0dc73d0967ccb8ad30a9eda6e464401fdb1d218
- SSDEEP
  
  6144:wAea/XGccvg2N9rljS6/Vt6MwJD0i/pv8ZaROiixeq6N3sUjgHTvzfHuPwXKjKVv:ga/2vg2N9R5+voeq6N3sv6OVrD
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence