14a50a28e08c5cb2310b93f944a2a61ec04d0274f782bd69de207174b1bb9a26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7380678c4ac923a90b4fada49654240e
Size

500KB
Sample

231226-q5v38sbdgp
MD5

7380678c4ac923a90b4fada49654240e
SHA1

7cc138e43b180194f4b77655cc41ed94c9277190
SHA256

14a50a28e08c5cb2310b93f944a2a61ec04d0274f782bd69de207174b1bb9a26
SHA512

02eca236883eb73879ebe4db1c3fd0b9549f289c9bf667c36e5900348c9014af1d8453d020b22a62a03e44f7e708c551ddf9b91db41849ea930e4ce82d1fd1c4
SSDEEP

6144:wjDI49RbTu85MLG6Nudm6A4uQ2iMbjNP9KJfnGSgP6YGuR7cINe/4dz5C9F+3+Om:wjDHXe85D6NnNM/ZVuJcIG/Hh7

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  7380678c4ac923a90b4fada49654240e
- Size
  
  500KB
- MD5
  
  7380678c4ac923a90b4fada49654240e
- SHA1
  
  7cc138e43b180194f4b77655cc41ed94c9277190
- SHA256
  
  14a50a28e08c5cb2310b93f944a2a61ec04d0274f782bd69de207174b1bb9a26
- SHA512
  
  02eca236883eb73879ebe4db1c3fd0b9549f289c9bf667c36e5900348c9014af1d8453d020b22a62a03e44f7e708c551ddf9b91db41849ea930e4ce82d1fd1c4
- SSDEEP
  
  6144:wjDI49RbTu85MLG6Nudm6A4uQ2iMbjNP9KJfnGSgP6YGuR7cINe/4dz5C9F+3+Om:wjDHXe85D6NnNM/ZVuJcIG/Hh7
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2