8398d90fe51ca49459be3b7433010ddfae2cc87b8e7afee3a91c3919abfc002e | Triage

Sharing

General

Target

8398d90fe51ca49459be3b7433010ddfae2cc87b8e7afee3a91c3919abfc002e
Size

124KB
Sample

221129-sdyq6add3x
MD5

1331f31d142c8f0b96c3438b2092c89e
SHA1

aa1897d47666a406609e2d79ba29a2ed81a5bf03
SHA256

8398d90fe51ca49459be3b7433010ddfae2cc87b8e7afee3a91c3919abfc002e
SHA512

829879945f68ba7b3134c987d61a393a57482ff43ffc855107900628869da1a865b43ae2043f14518ea2c787596042fe1e6160cd6455394603d828d6e358b290
SSDEEP

1536:ustkjPTQDU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VewNeG0h/l:hkjMDU0GgAT98t

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  8398d90fe51ca49459be3b7433010ddfae2cc87b8e7afee3a91c3919abfc002e
- Size
  
  124KB
- MD5
  
  1331f31d142c8f0b96c3438b2092c89e
- SHA1
  
  aa1897d47666a406609e2d79ba29a2ed81a5bf03
- SHA256
  
  8398d90fe51ca49459be3b7433010ddfae2cc87b8e7afee3a91c3919abfc002e
- SHA512
  
  829879945f68ba7b3134c987d61a393a57482ff43ffc855107900628869da1a865b43ae2043f14518ea2c787596042fe1e6160cd6455394603d828d6e358b290
- SSDEEP
  
  1536:ustkjPTQDU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VewNeG0h/l:hkjMDU0GgAT98t
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence