30d1601416300851900482a6326b793e1f2755732f6e9950030b8c51a4617128 | Triage

Sharing

General

Target

353290742bd22bdb48df225583a558f3
Size

124KB
Sample

231225-xbjaxadhfm
MD5

353290742bd22bdb48df225583a558f3
SHA1

1a190ac32d0871da25fad7e17082b64036d5576c
SHA256

30d1601416300851900482a6326b793e1f2755732f6e9950030b8c51a4617128
SHA512

0af13aa86a3bb67851121301d0a00223313d03560b489910f1316bea8e1326f58888d35eabb2991126f196569c38dcfd92c968c6e7988ff5a7a97c7f7e410700
SSDEEP

1536:i2tkjUTQbU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VewNeG0h/l:rkjTbU0GgAT98t

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  353290742bd22bdb48df225583a558f3
- Size
  
  124KB
- MD5
  
  353290742bd22bdb48df225583a558f3
- SHA1
  
  1a190ac32d0871da25fad7e17082b64036d5576c
- SHA256
  
  30d1601416300851900482a6326b793e1f2755732f6e9950030b8c51a4617128
- SHA512
  
  0af13aa86a3bb67851121301d0a00223313d03560b489910f1316bea8e1326f58888d35eabb2991126f196569c38dcfd92c968c6e7988ff5a7a97c7f7e410700
- SSDEEP
  
  1536:i2tkjUTQbU0GgAJa0P1kNmKldCMhdu8KWP/nTn8nBP9VewNeG0h/l:rkjTbU0GgAT98t
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence