de63f9bb81cb0c7d507b3467496d5591b3e225184cea668a5bae806a688221d8 | Triage

Sharing

General

Target

de63f9bb81cb0c7d507b3467496d5591b3e225184cea668a5bae806a688221d8
Size

1.1MB
Sample

230414-vexllaaf96
MD5

0000feece3c6b200c9cd6f9187e7c1d4
SHA1

26531bee9aa222cebabaa3a45cb4f40242577a64
SHA256

de63f9bb81cb0c7d507b3467496d5591b3e225184cea668a5bae806a688221d8
SHA512

3eb45971617d26456863c29b14608dd3b114b4fa0b2200641c0876d394ef7fa5976eb15e2f3481d02dc8150259592503e574f8964fc0c57bc1c22b1b4bf6502d
SSDEEP

12288:OSgkDHP50rV+ABDuRyUv1N4q147GQ/5ldYIv/HSPsW2hY4DQFu/U3buRKlemZ9Dq:OrkO+suRy4xen/5lT3ysWKaAADUJ

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  de63f9bb81cb0c7d507b3467496d5591b3e225184cea668a5bae806a688221d8
- Size
  
  1.1MB
- MD5
  
  0000feece3c6b200c9cd6f9187e7c1d4
- SHA1
  
  26531bee9aa222cebabaa3a45cb4f40242577a64
- SHA256
  
  de63f9bb81cb0c7d507b3467496d5591b3e225184cea668a5bae806a688221d8
- SHA512
  
  3eb45971617d26456863c29b14608dd3b114b4fa0b2200641c0876d394ef7fa5976eb15e2f3481d02dc8150259592503e574f8964fc0c57bc1c22b1b4bf6502d
- SSDEEP
  
  12288:OSgkDHP50rV+ABDuRyUv1N4q147GQ/5ldYIv/HSPsW2hY4DQFu/U3buRKlemZ9Dq:OrkO+suRy4xen/5lT3ysWKaAADUJ
Score

7^/10

evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2