8e23e8ede6b90077a96851018627ea0905748ea1cf7c1fe0ea8c2da463541855 | Triage

Sharing

General

Target

7977859237113cbe564e98489fe93d90
Size

204KB
Sample

231226-s2wxgadfdq
MD5

7977859237113cbe564e98489fe93d90
SHA1

3a3bb8c8bbd4da6433160135f08573b0e5d91b6f
SHA256

8e23e8ede6b90077a96851018627ea0905748ea1cf7c1fe0ea8c2da463541855
SHA512

718a86cc0464288e4ca819f04d7b6046b2dbba78cb34c8815eaccdcc7837bc31ed19201aafb8c5857336676dc20db77131b8c6918a865cfb05f37f72fef1320c
SSDEEP

3072:NVeLCGNpuU+mzihKh8wpzDqulR3X9sDpLg6ZGKIXeYnVlDY:NVekEV82llbs1g6+XbVS

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7977859237113cbe564e98489fe93d90
- Size
  
  204KB
- MD5
  
  7977859237113cbe564e98489fe93d90
- SHA1
  
  3a3bb8c8bbd4da6433160135f08573b0e5d91b6f
- SHA256
  
  8e23e8ede6b90077a96851018627ea0905748ea1cf7c1fe0ea8c2da463541855
- SHA512
  
  718a86cc0464288e4ca819f04d7b6046b2dbba78cb34c8815eaccdcc7837bc31ed19201aafb8c5857336676dc20db77131b8c6918a865cfb05f37f72fef1320c
- SSDEEP
  
  3072:NVeLCGNpuU+mzihKh8wpzDqulR3X9sDpLg6ZGKIXeYnVlDY:NVekEV82llbs1g6+XbVS
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence