76d71942e599a9d41849a6a40a6fbcacdc8958a2566bd86375ede1ac85253b56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76d71942e599a9d41849a6a40a6fbcacdc8958a2566bd86375ede1ac85253b56
Size

54KB
Sample

221020-gsxlvsghe5
MD5

7b76e21af53ee5a84caa1b51f911bf10
SHA1

c8832a9796c8eb6f24ab2d02d4ec871a996f3c58
SHA256

76d71942e599a9d41849a6a40a6fbcacdc8958a2566bd86375ede1ac85253b56
SHA512

d1d09e51dcc0f068722c73ac52c0b957261414d55ce930fc1baa6efd006023eecc341c34c4ff6b57bd71829b24cd87ddfacb2a71ca4ac660586ce37a2dd890d0
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/7pZjEcoy/v/KxN:V3cpyORJLuB4P4AJJv4Romu/1BybS+L

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  76d71942e599a9d41849a6a40a6fbcacdc8958a2566bd86375ede1ac85253b56
- Size
  
  54KB
- MD5
  
  7b76e21af53ee5a84caa1b51f911bf10
- SHA1
  
  c8832a9796c8eb6f24ab2d02d4ec871a996f3c58
- SHA256
  
  76d71942e599a9d41849a6a40a6fbcacdc8958a2566bd86375ede1ac85253b56
- SHA512
  
  d1d09e51dcc0f068722c73ac52c0b957261414d55ce930fc1baa6efd006023eecc341c34c4ff6b57bd71829b24cd87ddfacb2a71ca4ac660586ce37a2dd890d0
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/7pZjEcoy/v/KxN:V3cpyORJLuB4P4AJJv4Romu/1BybS+L
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2