75f28bbc7e76ed43f6ffa8f6499ef7e3c1c5675382554c9eaec53f4c93e25ce5 | Triage

Sharing

General

Target

b962a314dccce720997a5d2a73f8d0fc
Size

169KB
Sample

240307-w6r1vsbe3v
MD5

b962a314dccce720997a5d2a73f8d0fc
SHA1

d93d57a0fd22a1ca44b6ac2022b3ee3ee3455069
SHA256

75f28bbc7e76ed43f6ffa8f6499ef7e3c1c5675382554c9eaec53f4c93e25ce5
SHA512

1391e19861ef2c033b0ab00839c45d1f6fbf74d863e2b222e7331523d652c609964378c88e141ce852154095d6171ac6e516a1e727b2dbdd54a83017fc7ffb90
SSDEEP

1536:ZbHw7BRvUe/eDhTmQXMXBYUR5bOxyUpWaarEE:9u0emDcQiOxyUI5

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  b962a314dccce720997a5d2a73f8d0fc
- Size
  
  169KB
- MD5
  
  b962a314dccce720997a5d2a73f8d0fc
- SHA1
  
  d93d57a0fd22a1ca44b6ac2022b3ee3ee3455069
- SHA256
  
  75f28bbc7e76ed43f6ffa8f6499ef7e3c1c5675382554c9eaec53f4c93e25ce5
- SHA512
  
  1391e19861ef2c033b0ab00839c45d1f6fbf74d863e2b222e7331523d652c609964378c88e141ce852154095d6171ac6e516a1e727b2dbdd54a83017fc7ffb90
- SSDEEP
  
  1536:ZbHw7BRvUe/eDhTmQXMXBYUR5bOxyUpWaarEE:9u0emDcQiOxyUI5
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence