b123731c5fbadbfa35942b40367bc43e4d1ad5c41e72dbf05e782842f42c598a | Triage

Sharing

General

Target

b123731c5fbadbfa35942b40367bc43e4d1ad5c41e72dbf05e782842f42c598a
Size

116KB
Sample

221205-l9mv7saa45
MD5

7cc3a42aaaa73c711fae9d7eb56aba0e
SHA1

c214042cae74ed87c2f5b888c0a43d8968a0d422
SHA256

b123731c5fbadbfa35942b40367bc43e4d1ad5c41e72dbf05e782842f42c598a
SHA512

ea5c9ff0604b2358865989bba38c51895101ed4c7fdfd3c4ec22fc24beab747482ed8105518136343522ae263274115d96c7b8c6b9fa77db3693f5852dd39961
SSDEEP

1536:d+cIRGHu9mQGSp3E5zkons4MBikY+msHH0o4vwo3L2YRTB6m8AJ0x:dF4pJE5zkPBir+miUoUEYRTB6ZYE

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  b123731c5fbadbfa35942b40367bc43e4d1ad5c41e72dbf05e782842f42c598a
- Size
  
  116KB
- MD5
  
  7cc3a42aaaa73c711fae9d7eb56aba0e
- SHA1
  
  c214042cae74ed87c2f5b888c0a43d8968a0d422
- SHA256
  
  b123731c5fbadbfa35942b40367bc43e4d1ad5c41e72dbf05e782842f42c598a
- SHA512
  
  ea5c9ff0604b2358865989bba38c51895101ed4c7fdfd3c4ec22fc24beab747482ed8105518136343522ae263274115d96c7b8c6b9fa77db3693f5852dd39961
- SSDEEP
  
  1536:d+cIRGHu9mQGSp3E5zkons4MBikY+msHH0o4vwo3L2YRTB6m8AJ0x:dF4pJE5zkPBir+miUoUEYRTB6ZYE
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence