fbe71273f4f34f65257a80646574b6951d3566799ffe2531353c0bb01a9a79a6 | Triage

Sharing

General

Target

a93f49cdecf6e3a1002286682f19a3a5
Size

60KB
Sample

231222-qydwdadbd4
MD5

a93f49cdecf6e3a1002286682f19a3a5
SHA1

fa4f4e951a27cb3ce178a09214c9be71d63519fb
SHA256

fbe71273f4f34f65257a80646574b6951d3566799ffe2531353c0bb01a9a79a6
SHA512

1639fab5d3a2a2296c9310d7ed00652f1073f59da332ff2371ad67870cccbf9e9cd3844c4cb4296cde5fba3bda6eaa9387b8e66ba3d9fdaff2b1d04e5a2c7523
SSDEEP

768:hXSmpnBmNVpmkeu76+9A/v/bVlbdfs3OfKDHGIHY56W7:hXSNp+u76y43wY56W7

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  a93f49cdecf6e3a1002286682f19a3a5
- Size
  
  60KB
- MD5
  
  a93f49cdecf6e3a1002286682f19a3a5
- SHA1
  
  fa4f4e951a27cb3ce178a09214c9be71d63519fb
- SHA256
  
  fbe71273f4f34f65257a80646574b6951d3566799ffe2531353c0bb01a9a79a6
- SHA512
  
  1639fab5d3a2a2296c9310d7ed00652f1073f59da332ff2371ad67870cccbf9e9cd3844c4cb4296cde5fba3bda6eaa9387b8e66ba3d9fdaff2b1d04e5a2c7523
- SSDEEP
  
  768:hXSmpnBmNVpmkeu76+9A/v/bVlbdfs3OfKDHGIHY56W7:hXSNp+u76y43wY56W7
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence