7edbdd65a2ad7c0c5e497cf20d2fc2f5c6cb6b47917d62fc2d12886c90e58d7e | Triage

Sharing

General

Target

279d538960cf507b8cd7924fd0951b07
Size

188KB
Sample

231225-sdjbgaeha9
MD5

279d538960cf507b8cd7924fd0951b07
SHA1

38b24a8aeb8e51dce76dbfe0172636a895b64c04
SHA256

7edbdd65a2ad7c0c5e497cf20d2fc2f5c6cb6b47917d62fc2d12886c90e58d7e
SHA512

a6ac51bd933e36c5b7b407290a25b944478a969938eb9ed3949f7f8de0657e399036266a5876390eaed5d506e1483b56eb70bcabe69f67d9f8dee87b6647f171
SSDEEP

3072:pzimg3VDdq4sNUbaxF6FFZ8i4aqosAm+w90Z0W:F4sY/Z8i4aqosAm+w90/

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  279d538960cf507b8cd7924fd0951b07
- Size
  
  188KB
- MD5
  
  279d538960cf507b8cd7924fd0951b07
- SHA1
  
  38b24a8aeb8e51dce76dbfe0172636a895b64c04
- SHA256
  
  7edbdd65a2ad7c0c5e497cf20d2fc2f5c6cb6b47917d62fc2d12886c90e58d7e
- SHA512
  
  a6ac51bd933e36c5b7b407290a25b944478a969938eb9ed3949f7f8de0657e399036266a5876390eaed5d506e1483b56eb70bcabe69f67d9f8dee87b6647f171
- SSDEEP
  
  3072:pzimg3VDdq4sNUbaxF6FFZ8i4aqosAm+w90Z0W:F4sY/Z8i4aqosAm+w90/
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence