50cce3616f588cb8eec4b98754ea33523ee1e8242ab607b188cbd45f0383dcff | Triage

Sharing

General

Target

50cce3616f588cb8eec4b98754ea33523ee1e8242ab607b188cbd45f0383dcff
Size

196KB
Sample

221012-rdn2aaefdr
MD5

7bb51680e2c69548ecdef6e325871010
SHA1

aecd5d553177010b6a31411eebef0e9f3a4b04d3
SHA256

50cce3616f588cb8eec4b98754ea33523ee1e8242ab607b188cbd45f0383dcff
SHA512

86dd52623d4ef424cd58de40a34c41b14ac895f0731822759be615a2fde91b76be1f0c6f183bb731027f883cbcd6b043af73828940552f3392f3cb3b7aca4837
SSDEEP

6144:VuvuUPH3bX2a23NYcJQ8TfxZ85WJ007G9tSBN70ZfA:8vuUPH3bX2a23NYcJQ8TfxZ9J0rtSzQO

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  50cce3616f588cb8eec4b98754ea33523ee1e8242ab607b188cbd45f0383dcff
- Size
  
  196KB
- MD5
  
  7bb51680e2c69548ecdef6e325871010
- SHA1
  
  aecd5d553177010b6a31411eebef0e9f3a4b04d3
- SHA256
  
  50cce3616f588cb8eec4b98754ea33523ee1e8242ab607b188cbd45f0383dcff
- SHA512
  
  86dd52623d4ef424cd58de40a34c41b14ac895f0731822759be615a2fde91b76be1f0c6f183bb731027f883cbcd6b043af73828940552f3392f3cb3b7aca4837
- SSDEEP
  
  6144:VuvuUPH3bX2a23NYcJQ8TfxZ85WJ007G9tSBN70ZfA:8vuUPH3bX2a23NYcJQ8TfxZ9J0rtSzQO
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence