715cb554fd042a4a6546ffcb4c0f08cd76d7c6dad50c0dc0751f15ebaf4d9adb | Triage

Sharing

General

Target

c7e98857aeb3d3cefd67a5aee688eb30
Size

44KB
Sample

240314-g6lrhscg2s
MD5

c7e98857aeb3d3cefd67a5aee688eb30
SHA1

b4f42188c4f64e6148d5313107986afa526af4c2
SHA256

715cb554fd042a4a6546ffcb4c0f08cd76d7c6dad50c0dc0751f15ebaf4d9adb
SHA512

49eb5c79246df201d11d9676f6c8d87a6d4da7d112a52cc7a314e84ff900bbd36251e5c3ecbd092efb700cb1216a28be752bf9d1cc98642d6b623ae2ce0ba1b3
SSDEEP

768:XX/Hdq9VktXe04H7cHPHYmug6UXQm1dIZE2ocOT77e:XSkoHyj6S3T77

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  c7e98857aeb3d3cefd67a5aee688eb30
- Size
  
  44KB
- MD5
  
  c7e98857aeb3d3cefd67a5aee688eb30
- SHA1
  
  b4f42188c4f64e6148d5313107986afa526af4c2
- SHA256
  
  715cb554fd042a4a6546ffcb4c0f08cd76d7c6dad50c0dc0751f15ebaf4d9adb
- SHA512
  
  49eb5c79246df201d11d9676f6c8d87a6d4da7d112a52cc7a314e84ff900bbd36251e5c3ecbd092efb700cb1216a28be752bf9d1cc98642d6b623ae2ce0ba1b3
- SSDEEP
  
  768:XX/Hdq9VktXe04H7cHPHYmug6UXQm1dIZE2ocOT77e:XSkoHyj6S3T77
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence