3a1cc2231067d08e587bf60634918b60bd9ccedfd961bf5fec191c517c3bd5bd | Triage

Sharing

General

Target

66614b494e996fd93a206f90c226b44c
Size

108KB
Sample

240119-abbjqshgfm
MD5

66614b494e996fd93a206f90c226b44c
SHA1

ba57502b0b4a967b563b30f768727c7da92e5b79
SHA256

3a1cc2231067d08e587bf60634918b60bd9ccedfd961bf5fec191c517c3bd5bd
SHA512

ba173cf49aae1fd538f3b34417188043c55377740bd59975e62384860949e6fee22ec12b3a8133cafd88271f65b8b8d2fecff3bdf93a9c5225c1299d058435aa
SSDEEP

1536:MUX/V5Ejes5mBVKuCrENMRs7IkXjVLwhJt5G35Xm4ofWmkVpgWKBjWSKM8IVbnO0:fX/QQCs7IkXhWyGCnVE

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  66614b494e996fd93a206f90c226b44c
- Size
  
  108KB
- MD5
  
  66614b494e996fd93a206f90c226b44c
- SHA1
  
  ba57502b0b4a967b563b30f768727c7da92e5b79
- SHA256
  
  3a1cc2231067d08e587bf60634918b60bd9ccedfd961bf5fec191c517c3bd5bd
- SHA512
  
  ba173cf49aae1fd538f3b34417188043c55377740bd59975e62384860949e6fee22ec12b3a8133cafd88271f65b8b8d2fecff3bdf93a9c5225c1299d058435aa
- SSDEEP
  
  1536:MUX/V5Ejes5mBVKuCrENMRs7IkXjVLwhJt5G35Xm4ofWmkVpgWKBjWSKM8IVbnO0:fX/QQCs7IkXhWyGCnVE
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence