2d06af59253d1021db39415c2253e6bf3c8d6f47cf4f2703062ddda05691ced5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58697b0ccbca971d58b45ab035f89115
Size

204KB
Sample

240113-jygtpsfdf3
MD5

58697b0ccbca971d58b45ab035f89115
SHA1

b79d4b1469cd31e6e35754f0355cbec7c5876739
SHA256

2d06af59253d1021db39415c2253e6bf3c8d6f47cf4f2703062ddda05691ced5
SHA512

dc677b3a8984c9a014678b2f7684536712ff9bd8369cd779020979aabca7d86ad91584ad4544c86d7e8fd0d9f74a446ee67a4272a903cde325c4ae686d244174
SSDEEP

3072:N4Rb9GffGv4rPB3QJcaitfdE1611wuUBcQZff8:d42PhKc39di611wcV

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  58697b0ccbca971d58b45ab035f89115
- Size
  
  204KB
- MD5
  
  58697b0ccbca971d58b45ab035f89115
- SHA1
  
  b79d4b1469cd31e6e35754f0355cbec7c5876739
- SHA256
  
  2d06af59253d1021db39415c2253e6bf3c8d6f47cf4f2703062ddda05691ced5
- SHA512
  
  dc677b3a8984c9a014678b2f7684536712ff9bd8369cd779020979aabca7d86ad91584ad4544c86d7e8fd0d9f74a446ee67a4272a903cde325c4ae686d244174
- SSDEEP
  
  3072:N4Rb9GffGv4rPB3QJcaitfdE1611wuUBcQZff8:d42PhKc39di611wcV
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence