adfef0a7c69144b171864fabc59ad2ca5fddf0a3b164214a5cd73d4cbc89269f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adfef0a7c69144b171864fabc59ad2ca5fddf0a3b164214a5cd73d4cbc89269f
Size

731KB
Sample

221203-st2srafh2s
MD5

72e785858940293ef86a3e6ad02c94b9
SHA1

e4e34ec3f939dbd26f5e62ebea59f256c7dfc344
SHA256

adfef0a7c69144b171864fabc59ad2ca5fddf0a3b164214a5cd73d4cbc89269f
SHA512

16c9580d9d7e6ab902656009793f0fe7ab3578dc81c526e2b9e111abac5d2aade8023f035ca9a23b4b515334a50d28a29a83eb4f3d9fe115c62f99ecece81596
SSDEEP

12288:PkEfdosjMyHh9rrja/1HIEBiAA9fLUa5jDkZ9BhOksnCvPmA2KjLKYVlgLrCj9zt:PLfpBHhUNHI3v9x5jDWLEnzpKjLdCfq3

Score

8^/10

Malware Config

Targets

- Target
  
  NOYASA~1.EXE
- Size
  
  423KB
- MD5
  
  834f0a22a2863a1e9174d7667e27a5f7
- SHA1
  
  ec9e4b035f6ed5f3fd8ad655b9a79ce3e8d73f33
- SHA256
  
  8d11f82611b300273dbe2aec82795ab6f851eae3904efaa6180d6d7927c2c894
- SHA512
  
  caddf56a707105f2813f3877970f775f1bcfa88748789407fc7c2186aae468f7fb42e5e6a86b4d92d814400551ca8e8776a3692df1b65eeb9e53e4156ddff402
- SSDEEP
  
  12288:qU9XiuiHfkLarjZDzZzX8fC5jJk/8AB8Q+Jhs:qUdHGsLafl8fC5jJZAOQ+s
Score

8^/10
- Drops file in Drivers directory
behavioral1 behavioral2
- Target
  
  reg.exe
- Size
  
  1.4MB
- MD5
  
  0db8837b55175027c05de8a771239625
- SHA1
  
  c647573eb9dbc2ddc1b401d8f2c28bd838a766a6
- SHA256
  
  e5d6fd6c5a64ef0728298a9c1d5e316eda0f5141af72b69351f25f7ef376af5a
- SHA512
  
  52466f8afd8b4d3f9ce3b4f11d08953d1aa2d82e7415c5ebec60e95dfaa50f619c8ae2fa589eef910157cf33fc1b419b30dd104536fc8a2f8889165d6e8f7dd2
- SSDEEP
  
  24576:NuDf/Nvo1TfVzzJOoX7OI+Rg+LdT6nyzmq7mm759F6gCDY4Q7GNgGrCaDa2u409Z:+HWTNzzJOoX7OI+Rg+LdT6nyzmq7v16a
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4