753e577c8139491838bdc8917a43aba3c064e6d9836ae15036765614f553198a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

753e577c8139491838bdc8917a43aba3c064e6d9836ae15036765614f553198a
Size

88KB
Sample

221205-lv7xtsgf74
MD5

6ea0af60bc467eb203ac4151a45eb092
SHA1

b1aeeb2be601abf5436080363a1be0efc778bb08
SHA256

753e577c8139491838bdc8917a43aba3c064e6d9836ae15036765614f553198a
SHA512

a18084d0e612148a218b583e44ba6597fa270a4e954b30b77d3db7195ec7c54e0c40d8f8fd3365f5e7448231f228d1598ee97c018a6a2f0611fbb55ac9d3d12d
SSDEEP

1536:ArdumquG288FXaIlTxmpQxAwHz1qQU37bmxzzYj8pizy4LTVRG8dmNmS/:Xd8FXaCdmpQxAwHz1qQGfmxzzYj8pizv

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  753e577c8139491838bdc8917a43aba3c064e6d9836ae15036765614f553198a
- Size
  
  88KB
- MD5
  
  6ea0af60bc467eb203ac4151a45eb092
- SHA1
  
  b1aeeb2be601abf5436080363a1be0efc778bb08
- SHA256
  
  753e577c8139491838bdc8917a43aba3c064e6d9836ae15036765614f553198a
- SHA512
  
  a18084d0e612148a218b583e44ba6597fa270a4e954b30b77d3db7195ec7c54e0c40d8f8fd3365f5e7448231f228d1598ee97c018a6a2f0611fbb55ac9d3d12d
- SSDEEP
  
  1536:ArdumquG288FXaIlTxmpQxAwHz1qQU37bmxzzYj8pizy4LTVRG8dmNmS/:Xd8FXaCdmpQxAwHz1qQGfmxzzYj8pizv
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence