e60e53d1948b5d2a3e2c7da6e0ca878a0c600a35517b0999a8bfb861cb6ab418 | Triage

Sharing

General

Target

e60e53d1948b5d2a3e2c7da6e0ca878a0c600a35517b0999a8bfb861cb6ab418
Size

180KB
Sample

221207-cz861sag5w
MD5

5404820abfe1c6a452e97b7a26618d23
SHA1

93de51789e05ee8bcd780227a2ffb92f0d1991df
SHA256

e60e53d1948b5d2a3e2c7da6e0ca878a0c600a35517b0999a8bfb861cb6ab418
SHA512

73c1141ad55f7937b7a9ce202d71f3ed6a2dea9662524154b87a9ba4e7b51b86f60fd476525f210d436fed97e92a3f930b0d5792b6b4740f6fbc6c9ec35f5617
SSDEEP

1536:d9Fco/Q8C33+pG9xf7gocsJjC3IBt0S1dHKMaNti2//gUV7nXtke:fFfRC33nf7gocsJjCkt0S1dH9qV7S

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e60e53d1948b5d2a3e2c7da6e0ca878a0c600a35517b0999a8bfb861cb6ab418
- Size
  
  180KB
- MD5
  
  5404820abfe1c6a452e97b7a26618d23
- SHA1
  
  93de51789e05ee8bcd780227a2ffb92f0d1991df
- SHA256
  
  e60e53d1948b5d2a3e2c7da6e0ca878a0c600a35517b0999a8bfb861cb6ab418
- SHA512
  
  73c1141ad55f7937b7a9ce202d71f3ed6a2dea9662524154b87a9ba4e7b51b86f60fd476525f210d436fed97e92a3f930b0d5792b6b4740f6fbc6c9ec35f5617
- SSDEEP
  
  1536:d9Fco/Q8C33+pG9xf7gocsJjC3IBt0S1dHKMaNti2//gUV7nXtke:fFfRC33nf7gocsJjCkt0S1dH9qV7S
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence