98a3574032f87bd1fa70f65d60ea19c7aea006375d097aefbe1a938d57903826 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98a3574032f87bd1fa70f65d60ea19c7aea006375d097aefbe1a938d57903826
Size

192KB
Sample

221029-318jzsdcdq
MD5

92e779b65519f211abd1152d1c7f425f
SHA1

3c3baecd63bd35898a597d2fe666b01a2ee3121b
SHA256

98a3574032f87bd1fa70f65d60ea19c7aea006375d097aefbe1a938d57903826
SHA512

b7da853bb60d5291e0930e19bba157f04325141723a950f920718d322f6dc3f004ca8e8c7d406262965e387679294e00c9f4b186b192d73948f87b98351f204c
SSDEEP

1536:nkBm2t2OrZFaaaaat031AdQWB5kCFrWszRUOHFlQhzyLBVomtfVBiZHAPDoFp5Ak:uQOtW3kCFrWsF2eLorfMY94sU0n

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  98a3574032f87bd1fa70f65d60ea19c7aea006375d097aefbe1a938d57903826
- Size
  
  192KB
- MD5
  
  92e779b65519f211abd1152d1c7f425f
- SHA1
  
  3c3baecd63bd35898a597d2fe666b01a2ee3121b
- SHA256
  
  98a3574032f87bd1fa70f65d60ea19c7aea006375d097aefbe1a938d57903826
- SHA512
  
  b7da853bb60d5291e0930e19bba157f04325141723a950f920718d322f6dc3f004ca8e8c7d406262965e387679294e00c9f4b186b192d73948f87b98351f204c
- SSDEEP
  
  1536:nkBm2t2OrZFaaaaat031AdQWB5kCFrWszRUOHFlQhzyLBVomtfVBiZHAPDoFp5Ak:uQOtW3kCFrWsF2eLorfMY94sU0n
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence