38fdebcb05a196d604ffd3646a3336585ab90d7e0d8b20bab5c12f318ab694a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

237174cd4363f3d3355102e1da29126a
Size

108KB
Sample

231225-q79dmsfdb6
MD5

237174cd4363f3d3355102e1da29126a
SHA1

2162f6a590721c3838a472fce27d09bbaab4a7a8
SHA256

38fdebcb05a196d604ffd3646a3336585ab90d7e0d8b20bab5c12f318ab694a3
SHA512

5a5c3c54b0823eb508ce6f55ee9ca4adf58be504da3aeedc17fcf432a265e0d87f2b1c1c61600ba9d145315604aec8fb599018b57823574c5885094ee9002a1d
SSDEEP

1536:MBPKiB6oQ7Lh5+sXmNt0ttJPXLq0zTrkC:0PmoIeZt0XTzToC

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  237174cd4363f3d3355102e1da29126a
- Size
  
  108KB
- MD5
  
  237174cd4363f3d3355102e1da29126a
- SHA1
  
  2162f6a590721c3838a472fce27d09bbaab4a7a8
- SHA256
  
  38fdebcb05a196d604ffd3646a3336585ab90d7e0d8b20bab5c12f318ab694a3
- SHA512
  
  5a5c3c54b0823eb508ce6f55ee9ca4adf58be504da3aeedc17fcf432a265e0d87f2b1c1c61600ba9d145315604aec8fb599018b57823574c5885094ee9002a1d
- SSDEEP
  
  1536:MBPKiB6oQ7Lh5+sXmNt0ttJPXLq0zTrkC:0PmoIeZt0XTzToC
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence