4567639eb1b2564b8304f24ac11202cc319877cba9cd45a70c1519c65858c7ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a08129d6a7f6b17ff901b112768adaec
Size

288KB
Sample

240223-2gbv8sbc6z
MD5

a08129d6a7f6b17ff901b112768adaec
SHA1

fe113d9d182e79c64cbaae099c0ae016df0f6206
SHA256

4567639eb1b2564b8304f24ac11202cc319877cba9cd45a70c1519c65858c7ad
SHA512

ea6b82d45f3cca4d9710bd5de869d7e203c9c3260a9d3920d19e763aa5400b85f112c12d53438bc38e0d602fc1aa87ff66f6634c779b986b6ce2dea45be5e1f5
SSDEEP

6144:sJviIvbGuOdn9Z/QmO6Ckobf3fGCmahGkUutL:FIvbGuYnXQmO6Ckobf3fGCmah7Uk

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  a08129d6a7f6b17ff901b112768adaec
- Size
  
  288KB
- MD5
  
  a08129d6a7f6b17ff901b112768adaec
- SHA1
  
  fe113d9d182e79c64cbaae099c0ae016df0f6206
- SHA256
  
  4567639eb1b2564b8304f24ac11202cc319877cba9cd45a70c1519c65858c7ad
- SHA512
  
  ea6b82d45f3cca4d9710bd5de869d7e203c9c3260a9d3920d19e763aa5400b85f112c12d53438bc38e0d602fc1aa87ff66f6634c779b986b6ce2dea45be5e1f5
- SSDEEP
  
  6144:sJviIvbGuOdn9Z/QmO6Ckobf3fGCmahGkUutL:FIvbGuYnXQmO6Ckobf3fGCmah7Uk
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence