0d5060798b3f66722b66f0e1ad91c80c01086c1e7150e4534d7d26614420bfc1 | Triage

Sharing

General

Target

0d5060798b3f66722b66f0e1ad91c80c01086c1e7150e4534d7d26614420bfc1
Size

148KB
Sample

221203-x8vp7sda8v
MD5

1193a33ec8da0ed1c0dee19519079ed0
SHA1

629fd623804dbe64f20298e91c2c2eea45ab3634
SHA256

0d5060798b3f66722b66f0e1ad91c80c01086c1e7150e4534d7d26614420bfc1
SHA512

b04e2b7c02d84dd7b3de80e34fce6c63623858af36c4fc783d984370c8433d5b5026ca381321ce912d8e784ba1749757a8b985e5965fdfe90770cc4e0e88f9e0
SSDEEP

1536:FzIxU6wWnlhXcro1XxcazFABdFkouQ1KeCrhzra78rBkqhpMK/vIqXIVFSQaq9i9:jSlRcro1XaPBQo1MHksqqXIVFSQre1

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0d5060798b3f66722b66f0e1ad91c80c01086c1e7150e4534d7d26614420bfc1
- Size
  
  148KB
- MD5
  
  1193a33ec8da0ed1c0dee19519079ed0
- SHA1
  
  629fd623804dbe64f20298e91c2c2eea45ab3634
- SHA256
  
  0d5060798b3f66722b66f0e1ad91c80c01086c1e7150e4534d7d26614420bfc1
- SHA512
  
  b04e2b7c02d84dd7b3de80e34fce6c63623858af36c4fc783d984370c8433d5b5026ca381321ce912d8e784ba1749757a8b985e5965fdfe90770cc4e0e88f9e0
- SSDEEP
  
  1536:FzIxU6wWnlhXcro1XxcazFABdFkouQ1KeCrhzra78rBkqhpMK/vIqXIVFSQaq9i9:jSlRcro1XaPBQo1MHksqqXIVFSQre1
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence