791afb63acf0b002e5efee2c4f93b8a03b397fa6ab67269a6a7b3fe6ad7cc77e | Triage

Sharing

General

Target

7f809c8fda6c00eaee7242ef75fe5139
Size

68KB
Sample

240129-llsfsafab2
MD5

7f809c8fda6c00eaee7242ef75fe5139
SHA1

444a1761c248387c22fa737026e85cd086bf2c91
SHA256

791afb63acf0b002e5efee2c4f93b8a03b397fa6ab67269a6a7b3fe6ad7cc77e
SHA512

223bf0e01b1f881869bf4e0ae6a78c7a97d38ef1c402f52176ed0260b1d39662974cdc4146652fb4f8fd42851d7fd86983a86ee949ea31e012ab4bfda7921d28
SSDEEP

768:jcnliTdmXUzAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:onIxPAcqOK3qowgnt1d

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  7f809c8fda6c00eaee7242ef75fe5139
- Size
  
  68KB
- MD5
  
  7f809c8fda6c00eaee7242ef75fe5139
- SHA1
  
  444a1761c248387c22fa737026e85cd086bf2c91
- SHA256
  
  791afb63acf0b002e5efee2c4f93b8a03b397fa6ab67269a6a7b3fe6ad7cc77e
- SHA512
  
  223bf0e01b1f881869bf4e0ae6a78c7a97d38ef1c402f52176ed0260b1d39662974cdc4146652fb4f8fd42851d7fd86983a86ee949ea31e012ab4bfda7921d28
- SSDEEP
  
  768:jcnliTdmXUzAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:onIxPAcqOK3qowgnt1d
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence