d2b9fe53103fa84c21bec70c9b59512703ec68026410c424e46426ce7625e6d7 | Triage

Sharing

General

Target

d2b9fe53103fa84c21bec70c9b59512703ec68026410c424e46426ce7625e6d7
Size

48KB
Sample

221129-d4wxxsfa7z
MD5

3770a14bcd41efe2478a6eaa48c053b8
SHA1

02890ffa96feb27b59c5166c39d6058f50e471d7
SHA256

d2b9fe53103fa84c21bec70c9b59512703ec68026410c424e46426ce7625e6d7
SHA512

d10da87ea967b5deab323457d252c77d7250406cb3810320421b458d66c6eef262ff1735a534eaae5be28b69d1bac9942ed53c4751ad2778e7f7d2665eca7f4c
SSDEEP

768:2fNEhmygzpVMbJv+6wH9H7MfygXaDMFQXD7e:2fam5pCt6NNDsQXD7

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  d2b9fe53103fa84c21bec70c9b59512703ec68026410c424e46426ce7625e6d7
- Size
  
  48KB
- MD5
  
  3770a14bcd41efe2478a6eaa48c053b8
- SHA1
  
  02890ffa96feb27b59c5166c39d6058f50e471d7
- SHA256
  
  d2b9fe53103fa84c21bec70c9b59512703ec68026410c424e46426ce7625e6d7
- SHA512
  
  d10da87ea967b5deab323457d252c77d7250406cb3810320421b458d66c6eef262ff1735a534eaae5be28b69d1bac9942ed53c4751ad2778e7f7d2665eca7f4c
- SSDEEP
  
  768:2fNEhmygzpVMbJv+6wH9H7MfygXaDMFQXD7e:2fam5pCt6NNDsQXD7
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence