6782cbcaaf33f2778eaae119924107c2a208652a065530d3d9ad73182bf7abf8 | Triage

Sharing

General

Target

6782cbcaaf33f2778eaae119924107c2a208652a065530d3d9ad73182bf7abf8
Size

152KB
Sample

221202-acl2vshc2w
MD5

7e12640bc065bd9bc82d11bf7d6522ff
SHA1

08c1721fb0d2b8851e89e25f0ea39b2237ef1e26
SHA256

6782cbcaaf33f2778eaae119924107c2a208652a065530d3d9ad73182bf7abf8
SHA512

9facb67a1fa3af772055dc13de09898cd4a738ea46441a0c2c8282ad93ed8e2091301298fb9d0902eb84d0633bdc247aa0556031050c5f34704963bd3051dc00
SSDEEP

3072:BhUFgQTQtKrueiygR4O6avJamofZ4oQZiEcJTh:2gEQtKSMgR56avUm2WSj

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  6782cbcaaf33f2778eaae119924107c2a208652a065530d3d9ad73182bf7abf8
- Size
  
  152KB
- MD5
  
  7e12640bc065bd9bc82d11bf7d6522ff
- SHA1
  
  08c1721fb0d2b8851e89e25f0ea39b2237ef1e26
- SHA256
  
  6782cbcaaf33f2778eaae119924107c2a208652a065530d3d9ad73182bf7abf8
- SHA512
  
  9facb67a1fa3af772055dc13de09898cd4a738ea46441a0c2c8282ad93ed8e2091301298fb9d0902eb84d0633bdc247aa0556031050c5f34704963bd3051dc00
- SSDEEP
  
  3072:BhUFgQTQtKrueiygR4O6avJamofZ4oQZiEcJTh:2gEQtKSMgR56avUm2WSj
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence