7344dc9f4793e75028437024c45b37fa69f38ed5588a96c4ce73318c1008e0f4 | Triage

Sharing

General

Target

7344dc9f4793e75028437024c45b37fa69f38ed5588a96c4ce73318c1008e0f4
Size

288KB
Sample

221030-amzeyadbg3
MD5

a33dc2419bf20f4a420c7ad3ffe24c70
SHA1

bbdd774c80bbf26754653ff82da09055421e1151
SHA256

7344dc9f4793e75028437024c45b37fa69f38ed5588a96c4ce73318c1008e0f4
SHA512

51bd4067a297f700100ffc68c7ef0e824deaada3255f2375f6c05d6f37f296c1029ce8b76d3d56934b90ec5b821155fb02644101941ce302d397d03b5830a978
SSDEEP

3072:AU0n63hQdiOOZAksTCPkix7Fe7dEN8EXgNqf5cTrWi6ei2uiTbtTmH8Fe90p06tU:70dimbYJFsE0NMCP6wJYj8t/x6

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7344dc9f4793e75028437024c45b37fa69f38ed5588a96c4ce73318c1008e0f4
- Size
  
  288KB
- MD5
  
  a33dc2419bf20f4a420c7ad3ffe24c70
- SHA1
  
  bbdd774c80bbf26754653ff82da09055421e1151
- SHA256
  
  7344dc9f4793e75028437024c45b37fa69f38ed5588a96c4ce73318c1008e0f4
- SHA512
  
  51bd4067a297f700100ffc68c7ef0e824deaada3255f2375f6c05d6f37f296c1029ce8b76d3d56934b90ec5b821155fb02644101941ce302d397d03b5830a978
- SSDEEP
  
  3072:AU0n63hQdiOOZAksTCPkix7Fe7dEN8EXgNqf5cTrWi6ei2uiTbtTmH8Fe90p06tU:70dimbYJFsE0NMCP6wJYj8t/x6
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence