db2c1d0380533a7f2f1a5032ef2ee76595f2b849afaa128bac67e9a5e8fb14fb | Triage

Sharing

General

Target

070e17329488a9a9632b2012fae4d486
Size

352KB
Sample

231229-3j77wsaed2
MD5

070e17329488a9a9632b2012fae4d486
SHA1

3ec546520c6f20052d78045c36cd205205baa3f7
SHA256

db2c1d0380533a7f2f1a5032ef2ee76595f2b849afaa128bac67e9a5e8fb14fb
SHA512

05a3236b90876650c38c204c64dc0d44c444e91b1ee7b61bf544b25c0147b1ac6b10fb803c9df2d00e917acba5aadfc27a1c1791bb65b24cb227e19cbe601371
SSDEEP

768:vtEJb96hxGRQrtxtgTVH7NHaurxmWXOQfwoObuPb77e:vtEuUQrzml5lXAoO+H7

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  070e17329488a9a9632b2012fae4d486
- Size
  
  352KB
- MD5
  
  070e17329488a9a9632b2012fae4d486
- SHA1
  
  3ec546520c6f20052d78045c36cd205205baa3f7
- SHA256
  
  db2c1d0380533a7f2f1a5032ef2ee76595f2b849afaa128bac67e9a5e8fb14fb
- SHA512
  
  05a3236b90876650c38c204c64dc0d44c444e91b1ee7b61bf544b25c0147b1ac6b10fb803c9df2d00e917acba5aadfc27a1c1791bb65b24cb227e19cbe601371
- SSDEEP
  
  768:vtEJb96hxGRQrtxtgTVH7NHaurxmWXOQfwoObuPb77e:vtEuUQrzml5lXAoO+H7
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence