d664b5ff4e19a5a6a6e03daff784651a306f6afdf6fc2b86ce04304aa6461a47 | Triage

Sharing

General

Target

d664b5ff4e19a5a6a6e03daff784651a306f6afdf6fc2b86ce04304aa6461a47
Size

116KB
Sample

221129-hdvz6ahb2z
MD5

893ef17862a69bd760632ec66fad4ee2
SHA1

57eab27b41710654f7e1066eb4a7ac86e09d73ae
SHA256

d664b5ff4e19a5a6a6e03daff784651a306f6afdf6fc2b86ce04304aa6461a47
SHA512

1fc65cec5141017d26b1a37ce160da7ce847aa0c0ec23088d8ec9d0aa5b388bfeb1d2f0a22a739f20b4af9f8544eefd8b614778916bc6e6106682bd352aa838c
SSDEEP

1536:TxA1geNFSvEf9+Tnsx5S0REQO0BxbkQRr7IFDaqVPoEFKx+Sr:/K0nKHxbJIF1VFFKISr

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  d664b5ff4e19a5a6a6e03daff784651a306f6afdf6fc2b86ce04304aa6461a47
- Size
  
  116KB
- MD5
  
  893ef17862a69bd760632ec66fad4ee2
- SHA1
  
  57eab27b41710654f7e1066eb4a7ac86e09d73ae
- SHA256
  
  d664b5ff4e19a5a6a6e03daff784651a306f6afdf6fc2b86ce04304aa6461a47
- SHA512
  
  1fc65cec5141017d26b1a37ce160da7ce847aa0c0ec23088d8ec9d0aa5b388bfeb1d2f0a22a739f20b4af9f8544eefd8b614778916bc6e6106682bd352aa838c
- SSDEEP
  
  1536:TxA1geNFSvEf9+Tnsx5S0REQO0BxbkQRr7IFDaqVPoEFKx+Sr:/K0nKHxbJIF1VFFKISr
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2