cdb45add999d513cf4e9583651555c75f4e1f333c859e7811d75b9d93700fc4f | Triage

Sharing

General

Target

cdb45add999d513cf4e9583651555c75f4e1f333c859e7811d75b9d93700fc4f
Size

240KB
Sample

221205-lak8bsae7t
MD5

3c74ab1f4881ec76b902f8d03381caca
SHA1

00cb9486865eefa5427a63933eaa688d30be3558
SHA256

cdb45add999d513cf4e9583651555c75f4e1f333c859e7811d75b9d93700fc4f
SHA512

d680a154343b0bf0d1b226045ab1ab8cc84ede12dadda66a70c94f4eedcad503cd3f923681b0b369eb0a08821db2f57f277fa4a2896cf1cbccd26eae13fa19f1
SSDEEP

6144:XUOG3dwqsNwemAB0EqxF6snji81RUinKchhyCSQ:JkdQQJsN

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cdb45add999d513cf4e9583651555c75f4e1f333c859e7811d75b9d93700fc4f
- Size
  
  240KB
- MD5
  
  3c74ab1f4881ec76b902f8d03381caca
- SHA1
  
  00cb9486865eefa5427a63933eaa688d30be3558
- SHA256
  
  cdb45add999d513cf4e9583651555c75f4e1f333c859e7811d75b9d93700fc4f
- SHA512
  
  d680a154343b0bf0d1b226045ab1ab8cc84ede12dadda66a70c94f4eedcad503cd3f923681b0b369eb0a08821db2f57f277fa4a2896cf1cbccd26eae13fa19f1
- SSDEEP
  
  6144:XUOG3dwqsNwemAB0EqxF6snji81RUinKchhyCSQ:JkdQQJsN
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence