cc82d98b41ff87794b41a1fdba0f501ee2f118c42ade1a2e7c623e1a2e91f1d2 | Triage

Sharing

General

Target

cc82d98b41ff87794b41a1fdba0f501ee2f118c42ade1a2e7c623e1a2e91f1d2
Size

104KB
Sample

221201-2kmrxahb26
MD5

9d6bba4873a5266f7ca0567787c66ada
SHA1

b8a86edcf2e16284694f84d57366934cba8242ce
SHA256

cc82d98b41ff87794b41a1fdba0f501ee2f118c42ade1a2e7c623e1a2e91f1d2
SHA512

b2b1a99463ecd191117cb9142b994405f62d160cff09b31bfb6c1b23b259c515af940b7f6fe9df09d92bca8935ebc9bc6605ea2451b11d447aac37001dca792e
SSDEEP

1536:8mLRvx+ufGJs+HBchhQKNIqpOcQv0sTEFSocRoXjLl0Ii:H5+eiKNZJQv0sT5o3mIi

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cc82d98b41ff87794b41a1fdba0f501ee2f118c42ade1a2e7c623e1a2e91f1d2
- Size
  
  104KB
- MD5
  
  9d6bba4873a5266f7ca0567787c66ada
- SHA1
  
  b8a86edcf2e16284694f84d57366934cba8242ce
- SHA256
  
  cc82d98b41ff87794b41a1fdba0f501ee2f118c42ade1a2e7c623e1a2e91f1d2
- SHA512
  
  b2b1a99463ecd191117cb9142b994405f62d160cff09b31bfb6c1b23b259c515af940b7f6fe9df09d92bca8935ebc9bc6605ea2451b11d447aac37001dca792e
- SSDEEP
  
  1536:8mLRvx+ufGJs+HBchhQKNIqpOcQv0sTEFSocRoXjLl0Ii:H5+eiKNZJQv0sT5o3mIi
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence