8260117aecd16a27a921ec7b8482a1edab0f85f15ffd17167cf35ac0512e0563 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8260117aecd16a27a921ec7b8482a1edab0f85f15ffd17167cf35ac0512e0563
Size

56KB
Sample

221207-dfptpscc6x
MD5

f964ac4e2d2a73fb518cec76ba827a61
SHA1

e899e329ac7fb7f15aba3a5fe0ede79543a87850
SHA256

8260117aecd16a27a921ec7b8482a1edab0f85f15ffd17167cf35ac0512e0563
SHA512

34be49371d21f5b6b84b3f2295aecc17c646c502ebefb82bf6e27e23e9cf05ce197bb1228b990c2f1a8288f628c92baf33a40696717dd535da41fff4f0adb429
SSDEEP

768:tdH1P99NbEE71f0mq/6/Q/9NF0+LEc8af3ts0E9d:tp9tfq2oS+Ljb3ts0E9d

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  8260117aecd16a27a921ec7b8482a1edab0f85f15ffd17167cf35ac0512e0563
- Size
  
  56KB
- MD5
  
  f964ac4e2d2a73fb518cec76ba827a61
- SHA1
  
  e899e329ac7fb7f15aba3a5fe0ede79543a87850
- SHA256
  
  8260117aecd16a27a921ec7b8482a1edab0f85f15ffd17167cf35ac0512e0563
- SHA512
  
  34be49371d21f5b6b84b3f2295aecc17c646c502ebefb82bf6e27e23e9cf05ce197bb1228b990c2f1a8288f628c92baf33a40696717dd535da41fff4f0adb429
- SSDEEP
  
  768:tdH1P99NbEE71f0mq/6/Q/9NF0+LEc8af3ts0E9d:tp9tfq2oS+Ljb3ts0E9d
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence