bcba45864c78b55bd4055678126a7c3e1485af0fc082f3a152fd451611ff99ab | Triage

Sharing

General

Target

bcba45864c78b55bd4055678126a7c3e1485af0fc082f3a152fd451611ff99ab
Size

100KB
Sample

221202-x451dafd46
MD5

864e484a92f6aed8e387509e921e4b69
SHA1

5b4527f7bdff699b79da9b89d4c25644233b438e
SHA256

bcba45864c78b55bd4055678126a7c3e1485af0fc082f3a152fd451611ff99ab
SHA512

ace94a5c2289da6fd4593b950a42774cbeb1748f04c0c7ae0fc218756ee20e73635f9f27fb236c8b55b5ec121f57dff1be6c39920df24aa85f0ef69c45966f14
SSDEEP

1536:hIWQecX220mQLuxJKIRGWcOUP7vXArnY1ZqAefzyes5NIjnZyI:CH7QLdNAfzyeuCn8I

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  bcba45864c78b55bd4055678126a7c3e1485af0fc082f3a152fd451611ff99ab
- Size
  
  100KB
- MD5
  
  864e484a92f6aed8e387509e921e4b69
- SHA1
  
  5b4527f7bdff699b79da9b89d4c25644233b438e
- SHA256
  
  bcba45864c78b55bd4055678126a7c3e1485af0fc082f3a152fd451611ff99ab
- SHA512
  
  ace94a5c2289da6fd4593b950a42774cbeb1748f04c0c7ae0fc218756ee20e73635f9f27fb236c8b55b5ec121f57dff1be6c39920df24aa85f0ef69c45966f14
- SSDEEP
  
  1536:hIWQecX220mQLuxJKIRGWcOUP7vXArnY1ZqAefzyes5NIjnZyI:CH7QLdNAfzyeuCn8I
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence