75d3083a85444979ece63e7dc4232fa983f61c2ff29845f4d791556e35bd6427 | Triage

Sharing

General

Target

75d3083a85444979ece63e7dc4232fa983f61c2ff29845f4d791556e35bd6427
Size

88KB
Sample

221201-2clvmsgd22
MD5

53f7b3562fedd9cd18050f7bd68e901d
SHA1

306ad9543ad03d81a246b348c3d522a0d1f3fa0a
SHA256

75d3083a85444979ece63e7dc4232fa983f61c2ff29845f4d791556e35bd6427
SHA512

75e3dc00f901dddba139070ee243736d5cd63b8b431dcc3cfe32365e587cdaf16b9363236ef12022f721b235af02004cbc6cdbbc293f57de9355aa05db1679ba
SSDEEP

1536:G/298IQ/JDHKa5LJW6/Z2NZQ1vDmNmoGj:AO8I8DHKuFOWNoGj

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  75d3083a85444979ece63e7dc4232fa983f61c2ff29845f4d791556e35bd6427
- Size
  
  88KB
- MD5
  
  53f7b3562fedd9cd18050f7bd68e901d
- SHA1
  
  306ad9543ad03d81a246b348c3d522a0d1f3fa0a
- SHA256
  
  75d3083a85444979ece63e7dc4232fa983f61c2ff29845f4d791556e35bd6427
- SHA512
  
  75e3dc00f901dddba139070ee243736d5cd63b8b431dcc3cfe32365e587cdaf16b9363236ef12022f721b235af02004cbc6cdbbc293f57de9355aa05db1679ba
- SSDEEP
  
  1536:G/298IQ/JDHKa5LJW6/Z2NZQ1vDmNmoGj:AO8I8DHKuFOWNoGj
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence