c1605b75473b8bf01afdaf8ae04b35d14dad33f5bb8c0bf982b7f2099ec7a3fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1605b75473b8bf01afdaf8ae04b35d14dad33f5bb8c0bf982b7f2099ec7a3fa
Size

3.0MB
Sample

221203-v6sfysee3w
MD5

92a7572bf627b774ced84481ffe8e7f8
SHA1

fe804d8db8325b5d05d636f0eaf3c1f0d418e5fe
SHA256

c1605b75473b8bf01afdaf8ae04b35d14dad33f5bb8c0bf982b7f2099ec7a3fa
SHA512

0a589fb99b9d2a897447bd4b6f95ac88cfae153dea95980c340fb1e198329e791c54e4d28d1b6e82a8bc4364a9d4c4411b67cf9cc4da1ae613cbfc33c34a7cba
SSDEEP

49152:b1dlZovzmzgFdIwrMCSiFhZ5OAnnU3YIABCgjhZJUUsJVKkQ4Aya5ZNaZHhtp8in:b1dl27SgFdEchjlUoBZjhZJUUsyko381

Score

8^/10

evasion trojan

Malware Config

Targets

- Target
  
  c1605b75473b8bf01afdaf8ae04b35d14dad33f5bb8c0bf982b7f2099ec7a3fa
- Size
  
  3.0MB
- MD5
  
  92a7572bf627b774ced84481ffe8e7f8
- SHA1
  
  fe804d8db8325b5d05d636f0eaf3c1f0d418e5fe
- SHA256
  
  c1605b75473b8bf01afdaf8ae04b35d14dad33f5bb8c0bf982b7f2099ec7a3fa
- SHA512
  
  0a589fb99b9d2a897447bd4b6f95ac88cfae153dea95980c340fb1e198329e791c54e4d28d1b6e82a8bc4364a9d4c4411b67cf9cc4da1ae613cbfc33c34a7cba
- SSDEEP
  
  49152:b1dlZovzmzgFdIwrMCSiFhZ5OAnnU3YIABCgjhZJUUsJVKkQ4Aya5ZNaZHhtp8in:b1dl27SgFdEchjlUoBZjhZJUUsyko381
Score

8^/10

evasion trojan
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2