cd630122a555a34d81421caedef832f1e4419b14bdc6cd9c622fc74ed34741d6 | Triage

Sharing

General

Target

cd630122a555a34d81421caedef832f1e4419b14bdc6cd9c622fc74ed34741d6
Size

240KB
Sample

221205-lapwhsae7z
MD5

b3e211229828193e31fc9ebe4dc1679e
SHA1

ae368f982c72bdd495a9913a6a2cfc93f337c455
SHA256

cd630122a555a34d81421caedef832f1e4419b14bdc6cd9c622fc74ed34741d6
SHA512

e574ddc43bb84099f5dacd65b6c2a35c5d0d3d7a8ab5792adfdce6abed7a6fce0ad55b328dfa5a0ca1b0b12f9e2c2b8dc6b634b9597983f10ba37b995963ee38
SSDEEP

6144:+UO3dwqsNwemAB0EqxF6snji81RUinKchhytS3D:udQQJsUT

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cd630122a555a34d81421caedef832f1e4419b14bdc6cd9c622fc74ed34741d6
- Size
  
  240KB
- MD5
  
  b3e211229828193e31fc9ebe4dc1679e
- SHA1
  
  ae368f982c72bdd495a9913a6a2cfc93f337c455
- SHA256
  
  cd630122a555a34d81421caedef832f1e4419b14bdc6cd9c622fc74ed34741d6
- SHA512
  
  e574ddc43bb84099f5dacd65b6c2a35c5d0d3d7a8ab5792adfdce6abed7a6fce0ad55b328dfa5a0ca1b0b12f9e2c2b8dc6b634b9597983f10ba37b995963ee38
- SSDEEP
  
  6144:+UO3dwqsNwemAB0EqxF6snji81RUinKchhytS3D:udQQJsUT
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence