5fd2d12e50cc890fdd51196fac59b5f3a420895c8edf4bbaeafdf17513996e76 | Triage

Sharing

General

Target

5fd2d12e50cc890fdd51196fac59b5f3a420895c8edf4bbaeafdf17513996e76
Size

512KB
Sample

221128-aezezaeb2s
MD5

81f03b79eeaed696c7a5254a3a172892
SHA1

2866fc35657a755d9157e510239f55a577903905
SHA256

5fd2d12e50cc890fdd51196fac59b5f3a420895c8edf4bbaeafdf17513996e76
SHA512

211ac57cee00c2f75ff612780a41e88b85b9eb030c26f16ea08613d5c05fcbc2914a57f4b4ff94bbe233d49774e69a41b3767e3a3fd30cd523ad01744208aeb0
SSDEEP

12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4a:0+h9OY70z+warul3E4a

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  5fd2d12e50cc890fdd51196fac59b5f3a420895c8edf4bbaeafdf17513996e76
- Size
  
  512KB
- MD5
  
  81f03b79eeaed696c7a5254a3a172892
- SHA1
  
  2866fc35657a755d9157e510239f55a577903905
- SHA256
  
  5fd2d12e50cc890fdd51196fac59b5f3a420895c8edf4bbaeafdf17513996e76
- SHA512
  
  211ac57cee00c2f75ff612780a41e88b85b9eb030c26f16ea08613d5c05fcbc2914a57f4b4ff94bbe233d49774e69a41b3767e3a3fd30cd523ad01744208aeb0
- SSDEEP
  
  12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4a:0+h9OY70z+warul3E4a
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2