2f7c92580277a9430d2633a8a95aa11382ea07500a356934e3b76d4f5f6581c0 | Triage

Sharing

General

Target

2140b3395f2483e1df158c19b252ad17
Size

252KB
Sample

231231-ahrjjadgh9
MD5

2140b3395f2483e1df158c19b252ad17
SHA1

d12c788829e0b0c7d13e9eb87ee4866e24f697c7
SHA256

2f7c92580277a9430d2633a8a95aa11382ea07500a356934e3b76d4f5f6581c0
SHA512

6edd950cf6bd6cce037876da15012dc62a0f0158d431c767456a64a52a4ceabe4899d09b4e5a9152d5743a176a5733b83d61c7157d7c2b5057dcfd39f2ccdb88
SSDEEP

6144:WUxi2d1wlx34Z4mwD5eQpYgYV29G6McRgcVXOa/0udzUZZQMQCQQyA8lohYewTEN:Nic4eQpYgWMGYlViQQyBlohHwTE+70/t

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  2140b3395f2483e1df158c19b252ad17
- Size
  
  252KB
- MD5
  
  2140b3395f2483e1df158c19b252ad17
- SHA1
  
  d12c788829e0b0c7d13e9eb87ee4866e24f697c7
- SHA256
  
  2f7c92580277a9430d2633a8a95aa11382ea07500a356934e3b76d4f5f6581c0
- SHA512
  
  6edd950cf6bd6cce037876da15012dc62a0f0158d431c767456a64a52a4ceabe4899d09b4e5a9152d5743a176a5733b83d61c7157d7c2b5057dcfd39f2ccdb88
- SSDEEP
  
  6144:WUxi2d1wlx34Z4mwD5eQpYgYV29G6McRgcVXOa/0udzUZZQMQCQQyA8lohYewTEN:Nic4eQpYgWMGYlViQQyBlohHwTE+70/t
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence