35f52c888cf98ee94556f754fe6c1c98bc3a80f60c72a08e72e4eb40839d4a6d | Triage

Sharing

General

Target

2c3d49b9fd9f7cdc0f45f7d7da65dcb4
Size

55KB
Sample

231225-tpvz3sdfgp
MD5

2c3d49b9fd9f7cdc0f45f7d7da65dcb4
SHA1

7797ee836725cbf635a6f9ffd093eaf815ca9734
SHA256

35f52c888cf98ee94556f754fe6c1c98bc3a80f60c72a08e72e4eb40839d4a6d
SHA512

1d9ab529725d129656c30972d30942cfda81d5751be73f82e09272cfb8db5a9ca12e41697950f5a47b6c3615cd1c143c24fe6bfd750dbb68d3c9d310bc2337fb
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpff:V3cpyORJLuB4P4AJJv4Romu/9tpvUZP

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  2c3d49b9fd9f7cdc0f45f7d7da65dcb4
- Size
  
  55KB
- MD5
  
  2c3d49b9fd9f7cdc0f45f7d7da65dcb4
- SHA1
  
  7797ee836725cbf635a6f9ffd093eaf815ca9734
- SHA256
  
  35f52c888cf98ee94556f754fe6c1c98bc3a80f60c72a08e72e4eb40839d4a6d
- SHA512
  
  1d9ab529725d129656c30972d30942cfda81d5751be73f82e09272cfb8db5a9ca12e41697950f5a47b6c3615cd1c143c24fe6bfd750dbb68d3c9d310bc2337fb
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpff:V3cpyORJLuB4P4AJJv4Romu/9tpvUZP
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2