77ce0215b2bc7ffa28bd4a628f231578f7ba1c2fd405a0d92318632462efe55a | Triage

Sharing

General

Target

77ce0215b2bc7ffa28bd4a628f231578f7ba1c2fd405a0d92318632462efe55a
Size

192KB
Sample

221020-fx7rysfeb4
MD5

74d1a537a3ef8e2f6ed5b0397185e350
SHA1

4cce888431f37f853769bbc5831b77deeb6baf24
SHA256

77ce0215b2bc7ffa28bd4a628f231578f7ba1c2fd405a0d92318632462efe55a
SHA512

4ce3f11cbf66a4413d7688bdc026dc73531b365e733ef2456e34ac114cd15a46be86f910fb15f6da2d40ccf1a46b1c2744748a6e762d1dc4d0f98e49885b5496
SSDEEP

3072:IGe2fdLbEams2YhFEryJVVtOTI4BkcKmPcfNVw8:zdLAavFHVVtO7KmkfNVL

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  77ce0215b2bc7ffa28bd4a628f231578f7ba1c2fd405a0d92318632462efe55a
- Size
  
  192KB
- MD5
  
  74d1a537a3ef8e2f6ed5b0397185e350
- SHA1
  
  4cce888431f37f853769bbc5831b77deeb6baf24
- SHA256
  
  77ce0215b2bc7ffa28bd4a628f231578f7ba1c2fd405a0d92318632462efe55a
- SHA512
  
  4ce3f11cbf66a4413d7688bdc026dc73531b365e733ef2456e34ac114cd15a46be86f910fb15f6da2d40ccf1a46b1c2744748a6e762d1dc4d0f98e49885b5496
- SSDEEP
  
  3072:IGe2fdLbEams2YhFEryJVVtOTI4BkcKmPcfNVw8:zdLAavFHVVtO7KmkfNVL
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence