a7748efca01ee6557ce2b5594b4f9a3246667f0c35b98dd8af00ee235f49aa68 | Triage

Sharing

General

Target

a7748efca01ee6557ce2b5594b4f9a3246667f0c35b98dd8af00ee235f49aa68
Size

88KB
Sample

221201-2x7b3sdd8t
MD5

5d2a91a6e7ed47ee91aeada4679d1f53
SHA1

4d32b7895a153c2b030505b000076d883ea25a15
SHA256

a7748efca01ee6557ce2b5594b4f9a3246667f0c35b98dd8af00ee235f49aa68
SHA512

24bdb12b772245eaddca748657b1681c775f401e4770c54f1981f800ac008e36dc4e32aa170a266c31f7bbe55ef0cb5684e79f25b674cea14c6126b6d0476074
SSDEEP

1536:ekUDdsDW1pLDcw3Hr+PaGme76FrknzKLqOP:7UDyDlOFonzK9

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  a7748efca01ee6557ce2b5594b4f9a3246667f0c35b98dd8af00ee235f49aa68
- Size
  
  88KB
- MD5
  
  5d2a91a6e7ed47ee91aeada4679d1f53
- SHA1
  
  4d32b7895a153c2b030505b000076d883ea25a15
- SHA256
  
  a7748efca01ee6557ce2b5594b4f9a3246667f0c35b98dd8af00ee235f49aa68
- SHA512
  
  24bdb12b772245eaddca748657b1681c775f401e4770c54f1981f800ac008e36dc4e32aa170a266c31f7bbe55ef0cb5684e79f25b674cea14c6126b6d0476074
- SSDEEP
  
  1536:ekUDdsDW1pLDcw3Hr+PaGme76FrknzKLqOP:7UDyDlOFonzK9
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence