47d52b66a74824c111330feb11bbece063e13e9f9d309deb89c8504b4850513f | Triage

Sharing

General

Target

790f49dcafe4a77367670c45cde5c863
Size

96KB
Sample

240127-c5p1bsdabq
MD5

790f49dcafe4a77367670c45cde5c863
SHA1

1ec3cae51d7b10b86eb7f1eca3aa9f2a7e3271ef
SHA256

47d52b66a74824c111330feb11bbece063e13e9f9d309deb89c8504b4850513f
SHA512

8c1981c4e7d72708aa3d33c149b2fb3cea18f496bff61fced75f2a5813821b3284ce397da95a54b380eef5cec0d06e20e20b2c449f0e704c16a68cc9b3e8085c
SSDEEP

1536:igYPhQXwIiPrrjThO+lUBrzCxry1ec7rUyj239au7538iJkZgyfi:FYP2XerzhOUxu/XUtauF8iJkZgb

Score

8^/10

evasion persistence

Malware Config

Targets

- Target
  
  790f49dcafe4a77367670c45cde5c863
- Size
  
  96KB
- MD5
  
  790f49dcafe4a77367670c45cde5c863
- SHA1
  
  1ec3cae51d7b10b86eb7f1eca3aa9f2a7e3271ef
- SHA256
  
  47d52b66a74824c111330feb11bbece063e13e9f9d309deb89c8504b4850513f
- SHA512
  
  8c1981c4e7d72708aa3d33c149b2fb3cea18f496bff61fced75f2a5813821b3284ce397da95a54b380eef5cec0d06e20e20b2c449f0e704c16a68cc9b3e8085c
- SSDEEP
  
  1536:igYPhQXwIiPrrjThO+lUBrzCxry1ec7rUyj239au7538iJkZgyfi:FYP2XerzhOUxu/XUtauF8iJkZgb
Score

8^/10

evasion persistence
- Creates new service(s)
  persistence
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence