818e842d42e2307de9058ece6260313eea686665a4663d607d952503facb1ecf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55b057826c77fb6c5047483f06fbf880
Size

140KB
Sample

240112-gveh3aadap
MD5

55b057826c77fb6c5047483f06fbf880
SHA1

0b13e6ce4daf9ce79bd6bc3791bd911dfa8b8d94
SHA256

818e842d42e2307de9058ece6260313eea686665a4663d607d952503facb1ecf
SHA512

99a3f94dda9724b4bf22016e1d2adc5b5dcc269aead522f15aeea18a5d5e2ff728098bf0da9dae3ae8783e34991358310ea34cd4bc4feaf0b37e8160bc974d29
SSDEEP

768:zevsmyt4pd04q0zik+vhy7g0EM/LinbQu595i:6veEn3+pCg0EUGQuL5

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  55b057826c77fb6c5047483f06fbf880
- Size
  
  140KB
- MD5
  
  55b057826c77fb6c5047483f06fbf880
- SHA1
  
  0b13e6ce4daf9ce79bd6bc3791bd911dfa8b8d94
- SHA256
  
  818e842d42e2307de9058ece6260313eea686665a4663d607d952503facb1ecf
- SHA512
  
  99a3f94dda9724b4bf22016e1d2adc5b5dcc269aead522f15aeea18a5d5e2ff728098bf0da9dae3ae8783e34991358310ea34cd4bc4feaf0b37e8160bc974d29
- SSDEEP
  
  768:zevsmyt4pd04q0zik+vhy7g0EM/LinbQu595i:6veEn3+pCg0EUGQuL5
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence