7337b04244d4864409b11cb479605c62409bbb39db1962cd317701f2f9ff53ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7337b04244d4864409b11cb479605c62409bbb39db1962cd317701f2f9ff53ea
Size

240KB
Sample

221207-c6w52agg73
MD5

a51b60c1910dbed6b1437bd1a198a87c
SHA1

fb0ec7e4f5dae339dca9dd4acaced7d033b63624
SHA256

7337b04244d4864409b11cb479605c62409bbb39db1962cd317701f2f9ff53ea
SHA512

2ce3c0aa998ec073c0b0d42fb456cfc87e9e782b6d8596c6fba9c296dac51ea0e7e9c6544eddb0d780027a6fd605075be603d31cd5e0976dc086d5354275f0cf
SSDEEP

3072:dfC6k3bfZozpw14qL4wgubOFFfmXSXK0JGUvIiV7K555ixFpMG1RGTxle5TF:dq6k3bfg9qLLgvbJGUwiV7Zx9vCeBF

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7337b04244d4864409b11cb479605c62409bbb39db1962cd317701f2f9ff53ea
- Size
  
  240KB
- MD5
  
  a51b60c1910dbed6b1437bd1a198a87c
- SHA1
  
  fb0ec7e4f5dae339dca9dd4acaced7d033b63624
- SHA256
  
  7337b04244d4864409b11cb479605c62409bbb39db1962cd317701f2f9ff53ea
- SHA512
  
  2ce3c0aa998ec073c0b0d42fb456cfc87e9e782b6d8596c6fba9c296dac51ea0e7e9c6544eddb0d780027a6fd605075be603d31cd5e0976dc086d5354275f0cf
- SSDEEP
  
  3072:dfC6k3bfZozpw14qL4wgubOFFfmXSXK0JGUvIiV7K555ixFpMG1RGTxle5TF:dq6k3bfg9qLLgvbJGUwiV7Zx9vCeBF
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence