1bd822a346fcb68e84ab86ec787319a96dcc7ca66542378c12b12f6932da17d5 | Triage

Sharing

General

Target

1bd822a346fcb68e84ab86ec787319a96dcc7ca66542378c12b12f6932da17d5
Size

140KB
Sample

221011-zp8ttseahn
MD5

6860cbee605a84d3379dd6cc319ce552
SHA1

27073eb41749b4f8cb6c9388bbb7bcd060b7a322
SHA256

1bd822a346fcb68e84ab86ec787319a96dcc7ca66542378c12b12f6932da17d5
SHA512

7420a9a610f261df0575d4d407bfe4f6f357b169e80b482a0ba2d9d5820dbdc8598859737ba62a76315fef5005b763cfde730981686ba97cbddf8f57d9652675
SSDEEP

768:zHIEayt4pd04q0zik+vhy7g0EM/LinbQON2:TUeEn3+pCg0EUGQON2

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  1bd822a346fcb68e84ab86ec787319a96dcc7ca66542378c12b12f6932da17d5
- Size
  
  140KB
- MD5
  
  6860cbee605a84d3379dd6cc319ce552
- SHA1
  
  27073eb41749b4f8cb6c9388bbb7bcd060b7a322
- SHA256
  
  1bd822a346fcb68e84ab86ec787319a96dcc7ca66542378c12b12f6932da17d5
- SHA512
  
  7420a9a610f261df0575d4d407bfe4f6f357b169e80b482a0ba2d9d5820dbdc8598859737ba62a76315fef5005b763cfde730981686ba97cbddf8f57d9652675
- SSDEEP
  
  768:zHIEayt4pd04q0zik+vhy7g0EM/LinbQON2:TUeEn3+pCg0EUGQON2
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence