56c38ab532c771a65e4e4e054b933506a66b99ab69d0c65c9c3e73c6fa0e95dd | Triage

Sharing

General

Target

bcdde5486e35c501afcf99ad24680e59.bin
Size

96KB
Sample

240311-cmgk8shh37
MD5

bcdde5486e35c501afcf99ad24680e59
SHA1

360acce82345a9881233f7e2cc25867ee9435ab3
SHA256

56c38ab532c771a65e4e4e054b933506a66b99ab69d0c65c9c3e73c6fa0e95dd
SHA512

6bd7be8ec66723308026ef4dc6517a22fc643d03405689eb9d827564a7b07ccb28c0514da2194ad04717bb85dcb1acd0330f955c2e30f4b420c45a70267cb9cb
SSDEEP

1536:+wEg52LbtyVQO8PXychdwjj3RJEEo/k3gzinynEkRldUEPjlijOezNIjnZYy:LE/LUOychUzRqEkMCRld8zCnqy

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  bcdde5486e35c501afcf99ad24680e59.bin
- Size
  
  96KB
- MD5
  
  bcdde5486e35c501afcf99ad24680e59
- SHA1
  
  360acce82345a9881233f7e2cc25867ee9435ab3
- SHA256
  
  56c38ab532c771a65e4e4e054b933506a66b99ab69d0c65c9c3e73c6fa0e95dd
- SHA512
  
  6bd7be8ec66723308026ef4dc6517a22fc643d03405689eb9d827564a7b07ccb28c0514da2194ad04717bb85dcb1acd0330f955c2e30f4b420c45a70267cb9cb
- SSDEEP
  
  1536:+wEg52LbtyVQO8PXychdwjj3RJEEo/k3gzinynEkRldUEPjlijOezNIjnZYy:LE/LUOychUzRqEkMCRld8zCnqy
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence