d489d66321766c1a201d8925ebff564c80438748da2a156a492806fedad877a9 | Triage

Sharing

General

Target

7b9ad5bb7b835f4500d114ab663f5c83
Size

200KB
Sample

231226-tmmwpahahp
MD5

7b9ad5bb7b835f4500d114ab663f5c83
SHA1

62616ca6da20ab8d3063f9e45baee7d069d97357
SHA256

d489d66321766c1a201d8925ebff564c80438748da2a156a492806fedad877a9
SHA512

9b6913b5e15a6ed5351a6a3f6f1b753056ae57a80968a5376e9c599ba08c59f00542ec8fd39b51a5d250c02e4c9ae75deaaa35d8b05720eee5ded34a88d17042
SSDEEP

3072:QIsMzFaDEKrEgQKfQ2OOOFOWhwO2OOOOOrOOOOhOOOOO3OOOF/7OOOOOMOsOOOi1:

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7b9ad5bb7b835f4500d114ab663f5c83
- Size
  
  200KB
- MD5
  
  7b9ad5bb7b835f4500d114ab663f5c83
- SHA1
  
  62616ca6da20ab8d3063f9e45baee7d069d97357
- SHA256
  
  d489d66321766c1a201d8925ebff564c80438748da2a156a492806fedad877a9
- SHA512
  
  9b6913b5e15a6ed5351a6a3f6f1b753056ae57a80968a5376e9c599ba08c59f00542ec8fd39b51a5d250c02e4c9ae75deaaa35d8b05720eee5ded34a88d17042
- SSDEEP
  
  3072:QIsMzFaDEKrEgQKfQ2OOOFOWhwO2OOOOOrOOOOhOOOOO3OOOF/7OOOOOMOsOOOi1:
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence