2cd718976c04ae1515ca0497f45a28337c018b660a970fa8b369edf1ad2148d2 | Triage

Sharing

General

Target

78713f508db46874916b5d4bf044d351
Size

224KB
Sample

240126-1c4vsaegd5
MD5

78713f508db46874916b5d4bf044d351
SHA1

d068ed69c0ea769ce7d2f16a19b95e4d8e828a14
SHA256

2cd718976c04ae1515ca0497f45a28337c018b660a970fa8b369edf1ad2148d2
SHA512

29af586fc4079e861aa12fec9fcd743f2b0e108c53739f5994c15d6310c5aa6c2d5741d26ba732ab5afc8a35fc36096adbed768d4bb031b40057d82fdc9815f3
SSDEEP

3072:Vk6kvZjWnE5pqaAF/OVLj4UbaxxmLQTi2//9U33T+NVzo:V1kBmlaAF4RFSs

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  78713f508db46874916b5d4bf044d351
- Size
  
  224KB
- MD5
  
  78713f508db46874916b5d4bf044d351
- SHA1
  
  d068ed69c0ea769ce7d2f16a19b95e4d8e828a14
- SHA256
  
  2cd718976c04ae1515ca0497f45a28337c018b660a970fa8b369edf1ad2148d2
- SHA512
  
  29af586fc4079e861aa12fec9fcd743f2b0e108c53739f5994c15d6310c5aa6c2d5741d26ba732ab5afc8a35fc36096adbed768d4bb031b40057d82fdc9815f3
- SSDEEP
  
  3072:Vk6kvZjWnE5pqaAF/OVLj4UbaxxmLQTi2//9U33T+NVzo:V1kBmlaAF4RFSs
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence