7737aa0e41802824d1dbe5684fe57742baf009782134a32180b8289d49f2887b | Triage

Sharing

General

Target

7737aa0e41802824d1dbe5684fe57742baf009782134a32180b8289d49f2887b
Size

88KB
Sample

221202-axajkafe79
MD5

3267281304f2856f1859fad218dc49e7
SHA1

58356935008d6759e5ef2aa98924469ad7b02d5a
SHA256

7737aa0e41802824d1dbe5684fe57742baf009782134a32180b8289d49f2887b
SHA512

20b3018a59a251e1817a030d82de8cc1aaf905486dea78ab370874fd61ed097227dbc896abe4bb5d3693de37ab7bb54d26995c006471c5bb2727a2d7029ed05f
SSDEEP

768:ve6jxOJETcXPcvnFNIHpFeh6RM1rA8dOsk7jbqqRkA5okK1Dfsvu+Yh9o1XjLfts:vecx/AmMLFUnzJA5o9BfIu+I+XjLlm

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7737aa0e41802824d1dbe5684fe57742baf009782134a32180b8289d49f2887b
- Size
  
  88KB
- MD5
  
  3267281304f2856f1859fad218dc49e7
- SHA1
  
  58356935008d6759e5ef2aa98924469ad7b02d5a
- SHA256
  
  7737aa0e41802824d1dbe5684fe57742baf009782134a32180b8289d49f2887b
- SHA512
  
  20b3018a59a251e1817a030d82de8cc1aaf905486dea78ab370874fd61ed097227dbc896abe4bb5d3693de37ab7bb54d26995c006471c5bb2727a2d7029ed05f
- SSDEEP
  
  768:ve6jxOJETcXPcvnFNIHpFeh6RM1rA8dOsk7jbqqRkA5okK1Dfsvu+Yh9o1XjLfts:vecx/AmMLFUnzJA5o9BfIu+I+XjLlm
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence