46759c1a2d463f2aa1d7ba2bb5a8b21d54bbc8da083d0b4507d87e2a97528075 | Triage

Sharing

General

Target

46759c1a2d463f2aa1d7ba2bb5a8b21d54bbc8da083d0b4507d87e2a97528075
Size

144KB
Sample

221124-asp4fsfc28
MD5

1fa62feb97769e1214baf12387924b66
SHA1

0429a06fda3ae107ba1c7b98a0c06d1767066c2d
SHA256

46759c1a2d463f2aa1d7ba2bb5a8b21d54bbc8da083d0b4507d87e2a97528075
SHA512

f0629e99a0968732fdbc90cada822e1d3895acae6914a0be360846cb498b1085517a3af86b7181e98b52216fb1ba2a1e3bf4212a2f0ee8718e604f7dd9eee775
SSDEEP

768:aJ/HdK9TuB7CXe04H7cHPHYmug6UXQm1dIZE2ocOT77e:aOuBjHyj6S3T77

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  46759c1a2d463f2aa1d7ba2bb5a8b21d54bbc8da083d0b4507d87e2a97528075
- Size
  
  144KB
- MD5
  
  1fa62feb97769e1214baf12387924b66
- SHA1
  
  0429a06fda3ae107ba1c7b98a0c06d1767066c2d
- SHA256
  
  46759c1a2d463f2aa1d7ba2bb5a8b21d54bbc8da083d0b4507d87e2a97528075
- SHA512
  
  f0629e99a0968732fdbc90cada822e1d3895acae6914a0be360846cb498b1085517a3af86b7181e98b52216fb1ba2a1e3bf4212a2f0ee8718e604f7dd9eee775
- SSDEEP
  
  768:aJ/HdK9TuB7CXe04H7cHPHYmug6UXQm1dIZE2ocOT77e:aOuBjHyj6S3T77
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence