44a53d699f900e4e1a2c639856c5389344d0cf35a5d1902ff4187778bffcc08d | Triage

Sharing

General

Target

77d703ff9dd48c9911fb7b7031552aa9
Size

156KB
Sample

240126-t14rcsbcdj
MD5

77d703ff9dd48c9911fb7b7031552aa9
SHA1

3c0d6ae6b170792eba1f2a6cb8a679ba7195e27b
SHA256

44a53d699f900e4e1a2c639856c5389344d0cf35a5d1902ff4187778bffcc08d
SHA512

f7c68c9198515a4ace6e3b72cee355d230baf0a79341daa62542abe543480f14a6d07996eadba14f7b52ab3c09d9e8bb5b9782dd871f22fd72a5aa7dd2c463d2
SSDEEP

3072:bvo0kMEdu3kSESulCVRgQPwU3MppI1zePMThBgNE5j4oQr:joHu3ESul9LI1zeEhfdu

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  77d703ff9dd48c9911fb7b7031552aa9
- Size
  
  156KB
- MD5
  
  77d703ff9dd48c9911fb7b7031552aa9
- SHA1
  
  3c0d6ae6b170792eba1f2a6cb8a679ba7195e27b
- SHA256
  
  44a53d699f900e4e1a2c639856c5389344d0cf35a5d1902ff4187778bffcc08d
- SHA512
  
  f7c68c9198515a4ace6e3b72cee355d230baf0a79341daa62542abe543480f14a6d07996eadba14f7b52ab3c09d9e8bb5b9782dd871f22fd72a5aa7dd2c463d2
- SSDEEP
  
  3072:bvo0kMEdu3kSESulCVRgQPwU3MppI1zePMThBgNE5j4oQr:joHu3ESul9LI1zeEhfdu
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence