3043dd75f4ceadf444041aa065de9774d12c6ec9bef0340605bd87cca937b90b | Triage

Sharing

General

Target

3043dd75f4ceadf444041aa065de9774d12c6ec9bef0340605bd87cca937b90b
Size

148KB
Sample

221011-lq2v1sgfd2
MD5

62166b8289a621073570fb8e5a724fe8
SHA1

ef098429eb441544b9b76d061d5451a66a571c17
SHA256

3043dd75f4ceadf444041aa065de9774d12c6ec9bef0340605bd87cca937b90b
SHA512

a00a0c46dc64c47bb81aa8734ed6796118c73977a24eead3c25b3740f897f000b76aa709c2d3f0609887b37b43792114c76094365413126c67bc65ae71119653
SSDEEP

1536:PieaxAhE1SV++mRR0cL+iOJsz5czE4M52BoSHvSC3T4Gx4Mgkt+:yl1rZRRTLz5cg4aNo+

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  3043dd75f4ceadf444041aa065de9774d12c6ec9bef0340605bd87cca937b90b
- Size
  
  148KB
- MD5
  
  62166b8289a621073570fb8e5a724fe8
- SHA1
  
  ef098429eb441544b9b76d061d5451a66a571c17
- SHA256
  
  3043dd75f4ceadf444041aa065de9774d12c6ec9bef0340605bd87cca937b90b
- SHA512
  
  a00a0c46dc64c47bb81aa8734ed6796118c73977a24eead3c25b3740f897f000b76aa709c2d3f0609887b37b43792114c76094365413126c67bc65ae71119653
- SSDEEP
  
  1536:PieaxAhE1SV++mRR0cL+iOJsz5czE4M52BoSHvSC3T4Gx4Mgkt+:yl1rZRRTLz5cg4aNo+
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence