eca3858443297fda6dc124edd142916813a372390715b52182b91ccda5aec87c | Triage

Sharing

General

Target

eca3858443297fda6dc124edd142916813a372390715b52182b91ccda5aec87c
Size

100KB
Sample

221029-3yb31adbbj
MD5

925b91661d2fa7922a1320f1ea659de1
SHA1

06dcbaca995e1db0de92afb654121068a519eff2
SHA256

eca3858443297fda6dc124edd142916813a372390715b52182b91ccda5aec87c
SHA512

2aa5fedeb52b7c8caff7a6e3a687a73a23ec1e901e9eddaac346b211a677ebef4d47fddc9ad8a2122280e8f86f05d77ab7c56bd9b4bd53f052aa24c861615e63
SSDEEP

1536:1bY8iAuismyws8iLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfaNIjnZmb:Cd/KLOM5pCnYb

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  eca3858443297fda6dc124edd142916813a372390715b52182b91ccda5aec87c
- Size
  
  100KB
- MD5
  
  925b91661d2fa7922a1320f1ea659de1
- SHA1
  
  06dcbaca995e1db0de92afb654121068a519eff2
- SHA256
  
  eca3858443297fda6dc124edd142916813a372390715b52182b91ccda5aec87c
- SHA512
  
  2aa5fedeb52b7c8caff7a6e3a687a73a23ec1e901e9eddaac346b211a677ebef4d47fddc9ad8a2122280e8f86f05d77ab7c56bd9b4bd53f052aa24c861615e63
- SSDEEP
  
  1536:1bY8iAuismyws8iLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfaNIjnZmb:Cd/KLOM5pCnYb
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence