08d3d7675ba6d5f2cf767068643055c18c0ee5439f768b5a707c6dbf62957b03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08d3d7675ba6d5f2cf767068643055c18c0ee5439f768b5a707c6dbf62957b03
Size

124KB
Sample

221106-sxga8ahcc3
MD5

0c300421035dc03a966d5cc870dcfd70
SHA1

3effd36b8972e3bdf99dd2b608b5d16c2c52ab1b
SHA256

08d3d7675ba6d5f2cf767068643055c18c0ee5439f768b5a707c6dbf62957b03
SHA512

00fdfcfb913eea4cd7bf38f968d6c46d72147f07fc15dc9ac686dc00fe87bf9f1bd11da6c9a4bee24938bc866092e0a3c5f541f2649346518fff5d362d633e50
SSDEEP

1536:jElszR5YwUhRO/N69BH3OoGa+FLHjKceRgrkOSoINeGUmE:IlGfYNhkFoN3Oo1+FvfSW

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  08d3d7675ba6d5f2cf767068643055c18c0ee5439f768b5a707c6dbf62957b03
- Size
  
  124KB
- MD5
  
  0c300421035dc03a966d5cc870dcfd70
- SHA1
  
  3effd36b8972e3bdf99dd2b608b5d16c2c52ab1b
- SHA256
  
  08d3d7675ba6d5f2cf767068643055c18c0ee5439f768b5a707c6dbf62957b03
- SHA512
  
  00fdfcfb913eea4cd7bf38f968d6c46d72147f07fc15dc9ac686dc00fe87bf9f1bd11da6c9a4bee24938bc866092e0a3c5f541f2649346518fff5d362d633e50
- SSDEEP
  
  1536:jElszR5YwUhRO/N69BH3OoGa+FLHjKceRgrkOSoINeGUmE:IlGfYNhkFoN3Oo1+FvfSW
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence