06cc773798e897c25b3b79e4fc43a77fc645b363d288fc4208d86dd0d89b846e | Triage

Sharing

General

Target

50d08ba14e86d2b59a4838b128db3e5e
Size

531KB
Sample

240110-rvpzxahben
MD5

50d08ba14e86d2b59a4838b128db3e5e
SHA1

5794656725e103f42c6e492688ed22ae3f0fd952
SHA256

06cc773798e897c25b3b79e4fc43a77fc645b363d288fc4208d86dd0d89b846e
SHA512

af6ea3337ada7e87aed30bd586648adf07b1fc899514834c22b76db6f4bf541f244e23c80837a3b05ffc6f87b2ae9a59d9c85c8cba1046e6c09a44ef76869cb8
SSDEEP

12288:q5iZvUxxc36rURUMK6jXc8RWi2TR7rGOjt9RRg/5Lb2M3njAdl:q0vUxxEiMdjXBR8R7COZ9RRg5njAb

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  50d08ba14e86d2b59a4838b128db3e5e
- Size
  
  531KB
- MD5
  
  50d08ba14e86d2b59a4838b128db3e5e
- SHA1
  
  5794656725e103f42c6e492688ed22ae3f0fd952
- SHA256
  
  06cc773798e897c25b3b79e4fc43a77fc645b363d288fc4208d86dd0d89b846e
- SHA512
  
  af6ea3337ada7e87aed30bd586648adf07b1fc899514834c22b76db6f4bf541f244e23c80837a3b05ffc6f87b2ae9a59d9c85c8cba1046e6c09a44ef76869cb8
- SSDEEP
  
  12288:q5iZvUxxc36rURUMK6jXc8RWi2TR7rGOjt9RRg/5Lb2M3njAdl:q0vUxxEiMdjXBR8R7COZ9RRg5njAb
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2