75b12244eb2ad3612a39b3cc2902181011c65fbd6911767493d440f4cab3658a | Triage

Sharing

General

Target

75b12244eb2ad3612a39b3cc2902181011c65fbd6911767493d440f4cab3658a
Size

96KB
Sample

221028-w4zmxsagcr
MD5

005fbdc604317bb6b65aa89721fea7d0
SHA1

1d2ecac549295fd8c2d98396d333198d00b45c7a
SHA256

75b12244eb2ad3612a39b3cc2902181011c65fbd6911767493d440f4cab3658a
SHA512

90bc9b87e16d0b843519a72be53027a5e66937b8b7274839dbc7e0de9f19f1426a57789977cbe72d1ed5f41af1b10c05b29bbe6e8cf322a27bd61de446801a68
SSDEEP

1536:EVQcEVXEsTCfNEHYkJouJjcXCSuyAn7X3i6Emq/d:4mckJouJjcgcd

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  75b12244eb2ad3612a39b3cc2902181011c65fbd6911767493d440f4cab3658a
- Size
  
  96KB
- MD5
  
  005fbdc604317bb6b65aa89721fea7d0
- SHA1
  
  1d2ecac549295fd8c2d98396d333198d00b45c7a
- SHA256
  
  75b12244eb2ad3612a39b3cc2902181011c65fbd6911767493d440f4cab3658a
- SHA512
  
  90bc9b87e16d0b843519a72be53027a5e66937b8b7274839dbc7e0de9f19f1426a57789977cbe72d1ed5f41af1b10c05b29bbe6e8cf322a27bd61de446801a68
- SSDEEP
  
  1536:EVQcEVXEsTCfNEHYkJouJjcXCSuyAn7X3i6Emq/d:4mckJouJjcgcd
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence