7bf3842465c5847dff17efb02e25059239952ca1c2c9ee52d8904bda98aa8c12 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46dc9a6c8b7270981b56672ea10e17b2.exe
Size

68KB
Sample

240103-r3fq7shce6
MD5

46dc9a6c8b7270981b56672ea10e17b2
SHA1

c34d58e89977fc13d6d3fcabd510ee534125c6ec
SHA256

7bf3842465c5847dff17efb02e25059239952ca1c2c9ee52d8904bda98aa8c12
SHA512

d0e5c1755a42a135018f01f0e9e54a460f443349ed152a0ae127f2baf6f63c4f87b3ffcdc751fe4c255aa56c24dc7b56b02a5a462ddcc141c6ddc8139a5a4e7b
SSDEEP

768:/cTliTdOYAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:UTIx3AcqOK3qowgnt1d

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  46dc9a6c8b7270981b56672ea10e17b2.exe
- Size
  
  68KB
- MD5
  
  46dc9a6c8b7270981b56672ea10e17b2
- SHA1
  
  c34d58e89977fc13d6d3fcabd510ee534125c6ec
- SHA256
  
  7bf3842465c5847dff17efb02e25059239952ca1c2c9ee52d8904bda98aa8c12
- SHA512
  
  d0e5c1755a42a135018f01f0e9e54a460f443349ed152a0ae127f2baf6f63c4f87b3ffcdc751fe4c255aa56c24dc7b56b02a5a462ddcc141c6ddc8139a5a4e7b
- SSDEEP
  
  768:/cTliTdOYAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:UTIx3AcqOK3qowgnt1d
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence