50310826b5d9b7e5e0c7c5400922dd4b0751fa86bda87c83f8a034fb0a18e5bd | Triage

Sharing

General

Target

vivo_mtp_driver.zip
Size

9.2MB
Sample

230107-z5778seg66
MD5

3db08b56089b55f891d05e4a395dd70b
SHA1

584b3d472a74d57e04d431c80de18f598b6b1c9a
SHA256

50310826b5d9b7e5e0c7c5400922dd4b0751fa86bda87c83f8a034fb0a18e5bd
SHA512

0a97974abe9394e757ad9e490a987d7b5a2d5034b1f5899695f6019094b56ebb969469e0d0e73f17eb393f4560f679c208b552507bbd40d3db8f070f1ded5119
SSDEEP

196608:MY2olUBCliErOh+qRHYWzBLJstUVsjOkSdGE1+Q4gnqGFe3i9bv:MY2jolfih+gdKPGdGE1+QfnqueS9bv

Score

8^/10

Malware Config

Targets

- Target
  
  vivo_mtp_driver.exe
- Size
  
  9.3MB
- MD5
  
  2888f549f1f8f394739e0608add42d0d
- SHA1
  
  19b5cc779cb4407648438e42101df1574ee83484
- SHA256
  
  ec54adb3e022446a9bca0d9e29a1594ba8003d7bc497f58ad3a89ccc87130f81
- SHA512
  
  04800af3dae9a0c208ff22562ffdef05d84504516c99ff8a68379f80f355463ac5f5dac6dabf7136993be4ecf3dedb9f5537406ef6f217ae03c5ef52e492dde3
- SSDEEP
  
  196608:3ih8lYxS+x+NwaXNuWDzXaK7ovCpIKCdKaZiocUN2IgchKzDv:3lWxZoNwiLPvQdKaZioPN2bcYzDv
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2