7393b941ea857258cebcf5da13234691e0af07ea93d8241f2f990be4391f0c3b | Triage

Sharing

General

Target

7393b941ea857258cebcf5da13234691e0af07ea93d8241f2f990be4391f0c3b
Size

124KB
Sample

221202-awxbyaah5y
MD5

590c05b4dbdc4afd366ac7d9acb6e1e8
SHA1

45004090ed33501d8c050e3af1c848cf91bb0b58
SHA256

7393b941ea857258cebcf5da13234691e0af07ea93d8241f2f990be4391f0c3b
SHA512

f5192ab454881d81aca5a1457531f3ec38a4202d4dd77e283e669928a654a0d862ae2a0ad37cc0dfb0a3bcb846596703588d0c401b7ca47dd06b2293dcbac4bf
SSDEEP

1536:1uszb5YighRO/N69BH3OoGa+FLHjKKvRgrkOSo8NeG0h/l:QGNYighkFoN3Oo1+FvkSIt

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7393b941ea857258cebcf5da13234691e0af07ea93d8241f2f990be4391f0c3b
- Size
  
  124KB
- MD5
  
  590c05b4dbdc4afd366ac7d9acb6e1e8
- SHA1
  
  45004090ed33501d8c050e3af1c848cf91bb0b58
- SHA256
  
  7393b941ea857258cebcf5da13234691e0af07ea93d8241f2f990be4391f0c3b
- SHA512
  
  f5192ab454881d81aca5a1457531f3ec38a4202d4dd77e283e669928a654a0d862ae2a0ad37cc0dfb0a3bcb846596703588d0c401b7ca47dd06b2293dcbac4bf
- SSDEEP
  
  1536:1uszb5YighRO/N69BH3OoGa+FLHjKKvRgrkOSo8NeG0h/l:QGNYighkFoN3Oo1+FvkSIt
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence