d4785dd29c045919f0583ee4b6b24307f2048f58ad599609e1674e29ef1c08d1 | Triage

Sharing

General

Target

d4785dd29c045919f0583ee4b6b24307f2048f58ad599609e1674e29ef1c08d1
Size

109KB
Sample

221205-gyyfcagg2v
MD5

30df3d8f374a5052afa29deacea17940
SHA1

7522bae6151af6cbf43426fd2e61095869468ce3
SHA256

d4785dd29c045919f0583ee4b6b24307f2048f58ad599609e1674e29ef1c08d1
SHA512

1dd65a45eaba7e747f150f6b0512bc144dbe0b2fec3629a412eb6be274f2bb7dae496e3570e1cca17802132346bbf9670a34fe4eea8d6f8a598046939912385f
SSDEEP

1536:B/iqYbQ7kwh2oyVbQ/L9uW22E0NtstjcKg6kiW7BWJKgchFPZ/wmPGKztVUzaIlK:4bKbRWk/L9p1tEBgL1Wcg0BnxVzdRS2b

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  d4785dd29c045919f0583ee4b6b24307f2048f58ad599609e1674e29ef1c08d1
- Size
  
  109KB
- MD5
  
  30df3d8f374a5052afa29deacea17940
- SHA1
  
  7522bae6151af6cbf43426fd2e61095869468ce3
- SHA256
  
  d4785dd29c045919f0583ee4b6b24307f2048f58ad599609e1674e29ef1c08d1
- SHA512
  
  1dd65a45eaba7e747f150f6b0512bc144dbe0b2fec3629a412eb6be274f2bb7dae496e3570e1cca17802132346bbf9670a34fe4eea8d6f8a598046939912385f
- SSDEEP
  
  1536:B/iqYbQ7kwh2oyVbQ/L9uW22E0NtstjcKg6kiW7BWJKgchFPZ/wmPGKztVUzaIlK:4bKbRWk/L9p1tEBgL1Wcg0BnxVzdRS2b
Score

8^/10

persistence
- Drops file in Drivers directory
- Executes dropped EXE
- Sets DLL path for service in the registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2