7f069764071b456118c26c29009871cd27526ce5b927558e034c87830cd7369c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

094d3e4a6892191065452fbaedf15cc8
Size

148KB
Sample

231230-bbn1hadgdp
MD5

094d3e4a6892191065452fbaedf15cc8
SHA1

47ed8bf8d77b6c11d386ffdb919c7b0d13c7e413
SHA256

7f069764071b456118c26c29009871cd27526ce5b927558e034c87830cd7369c
SHA512

ba7aaaebcd06300735637a796f7af5b7dcd70179b2fd6ce505cbc13022848edebd9d25a9ccf6e7233059c6472c43211ae975e9e4454e836af5d65c755b0c45e2
SSDEEP

3072:HcZtKvM0h8kyEh2ws5SNoqtXzf4YGra4oQZiEAC:8vQdykwTqVO2WL

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  094d3e4a6892191065452fbaedf15cc8
- Size
  
  148KB
- MD5
  
  094d3e4a6892191065452fbaedf15cc8
- SHA1
  
  47ed8bf8d77b6c11d386ffdb919c7b0d13c7e413
- SHA256
  
  7f069764071b456118c26c29009871cd27526ce5b927558e034c87830cd7369c
- SHA512
  
  ba7aaaebcd06300735637a796f7af5b7dcd70179b2fd6ce505cbc13022848edebd9d25a9ccf6e7233059c6472c43211ae975e9e4454e836af5d65c755b0c45e2
- SSDEEP
  
  3072:HcZtKvM0h8kyEh2ws5SNoqtXzf4YGra4oQZiEAC:8vQdykwTqVO2WL
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence