6407a6620016b956ab3b040d5ca290bebea10c572918eb137ee4eb87422cda46 | Triage

Sharing

General

Target

6407a6620016b956ab3b040d5ca290bebea10c572918eb137ee4eb87422cda46
Size

4.6MB
Sample

221127-wejkeafe58
MD5

b8f6275282f7088f34dc669c50d70b87
SHA1

cd1b0685af34afb2588769cbc9739314ee1ef158
SHA256

6407a6620016b956ab3b040d5ca290bebea10c572918eb137ee4eb87422cda46
SHA512

46d8ed187be6b2adc3ef9c15ac155576954d14e33dc88a3c7819f4f823b0b32c4126aa1e2b49e71e65004541aab3fa31c1835094228a718d98a1b6cfc23d811a
SSDEEP

98304:bptNCOmG5Nv1TKnNEXsQ8aVobYZbW988rvtvXWPUX+WWobnp6/8y0uP:bptXmG5BsNHDioEZ282vtf0A+WWe4D0i

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  6407a6620016b956ab3b040d5ca290bebea10c572918eb137ee4eb87422cda46
- Size
  
  4.6MB
- MD5
  
  b8f6275282f7088f34dc669c50d70b87
- SHA1
  
  cd1b0685af34afb2588769cbc9739314ee1ef158
- SHA256
  
  6407a6620016b956ab3b040d5ca290bebea10c572918eb137ee4eb87422cda46
- SHA512
  
  46d8ed187be6b2adc3ef9c15ac155576954d14e33dc88a3c7819f4f823b0b32c4126aa1e2b49e71e65004541aab3fa31c1835094228a718d98a1b6cfc23d811a
- SSDEEP
  
  98304:bptNCOmG5Nv1TKnNEXsQ8aVobYZbW988rvtvXWPUX+WWobnp6/8y0uP:bptXmG5BsNHDioEZ282vtf0A+WWe4D0i
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2