c1b69e16f45961c9fffa54ec0788a2be5113fc335630c11e188b1a848d8d8f22 | Triage

Sharing

General

Target

f88292864e0c4026271b22c5af86dc08
Size

68KB
Sample

231228-z21c8aahf7
MD5

f88292864e0c4026271b22c5af86dc08
SHA1

2dcaee95a4835960b1f8283df49d65bd4eabdae0
SHA256

c1b69e16f45961c9fffa54ec0788a2be5113fc335630c11e188b1a848d8d8f22
SHA512

13d34c5aa2086ddf9ed1e8fb1459d08ce87ff5bdf66a53ec0ca1b0e7dc2f2268f734a78b20e3c46a3aa39155a25a68fcc029ff955931860d1ab7a7a576ea2586
SSDEEP

768:JcFliTduDSAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:2FIxlAcqOK3qowgnt1d

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  f88292864e0c4026271b22c5af86dc08
- Size
  
  68KB
- MD5
  
  f88292864e0c4026271b22c5af86dc08
- SHA1
  
  2dcaee95a4835960b1f8283df49d65bd4eabdae0
- SHA256
  
  c1b69e16f45961c9fffa54ec0788a2be5113fc335630c11e188b1a848d8d8f22
- SHA512
  
  13d34c5aa2086ddf9ed1e8fb1459d08ce87ff5bdf66a53ec0ca1b0e7dc2f2268f734a78b20e3c46a3aa39155a25a68fcc029ff955931860d1ab7a7a576ea2586
- SSDEEP
  
  768:JcFliTduDSAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:2FIxlAcqOK3qowgnt1d
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence