ae6107ae766f4a3813f3746f3769084dbeed7106335d99532b0b171574fb3fe8 | Triage

Sharing

General

Target

ae6107ae766f4a3813f3746f3769084dbeed7106335d99532b0b171574fb3fe8
Size

80KB
Sample

221107-v2edjahge7
MD5

0af6965d6706786312d35046024042f1
SHA1

75a98a428daef6387eb617a32d16742d912758bb
SHA256

ae6107ae766f4a3813f3746f3769084dbeed7106335d99532b0b171574fb3fe8
SHA512

06d4b6aee1c68d50408ea484663820081b2cc00540a45bf7cf764649471ce9b8adbef40e026716785b1fa79372d4886bc9088ee4ea0f0c64f96a1a32c26fb220
SSDEEP

768:ev6nMfqgG4sOm0KUc8ebdtF5EmpW/p/hxRSH9NxIkL9v/Q6sWT:evTsTZKmpSFhxRSHdL9bsi

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ae6107ae766f4a3813f3746f3769084dbeed7106335d99532b0b171574fb3fe8
- Size
  
  80KB
- MD5
  
  0af6965d6706786312d35046024042f1
- SHA1
  
  75a98a428daef6387eb617a32d16742d912758bb
- SHA256
  
  ae6107ae766f4a3813f3746f3769084dbeed7106335d99532b0b171574fb3fe8
- SHA512
  
  06d4b6aee1c68d50408ea484663820081b2cc00540a45bf7cf764649471ce9b8adbef40e026716785b1fa79372d4886bc9088ee4ea0f0c64f96a1a32c26fb220
- SSDEEP
  
  768:ev6nMfqgG4sOm0KUc8ebdtF5EmpW/p/hxRSH9NxIkL9v/Q6sWT:evTsTZKmpSFhxRSHdL9bsi
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence