bd240b75e99a3af29270e4ecd23ccee7a08d147078661004e839109bfd0abfa2 | Triage

Sharing

General

Target

13c3e4bc3310f8481cac5d186ed1e035
Size

68KB
Sample

231224-1pgwsaggel
MD5

13c3e4bc3310f8481cac5d186ed1e035
SHA1

92e6bf776bc26b6747853fef07d1cb89645cebc2
SHA256

bd240b75e99a3af29270e4ecd23ccee7a08d147078661004e839109bfd0abfa2
SHA512

50b0f683b7faef240848f309948dea9cc846f6a453acb8b845e623c91f364d75c6e10d3af715b583dcef10d3aec82c18655e0c91353dc94b355314008aacb486
SSDEEP

768:scoliTdSROAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:LoIxgOAcqOK3qowgnt1d

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  13c3e4bc3310f8481cac5d186ed1e035
- Size
  
  68KB
- MD5
  
  13c3e4bc3310f8481cac5d186ed1e035
- SHA1
  
  92e6bf776bc26b6747853fef07d1cb89645cebc2
- SHA256
  
  bd240b75e99a3af29270e4ecd23ccee7a08d147078661004e839109bfd0abfa2
- SHA512
  
  50b0f683b7faef240848f309948dea9cc846f6a453acb8b845e623c91f364d75c6e10d3af715b583dcef10d3aec82c18655e0c91353dc94b355314008aacb486
- SSDEEP
  
  768:scoliTdSROAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:LoIxgOAcqOK3qowgnt1d
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence