75e6ca0c7570823a3fea12faf3a9fb055618f25fe3fccecb7857cefcf5f021ab | Triage

Sharing

General

Target

cb982c2b5a56cbb3bdbc5d83a611ebe5
Size

224KB
Sample

240315-rcq49aac5z
MD5

cb982c2b5a56cbb3bdbc5d83a611ebe5
SHA1

a0c412b46502dea1e3c42612210554e789d45db6
SHA256

75e6ca0c7570823a3fea12faf3a9fb055618f25fe3fccecb7857cefcf5f021ab
SHA512

548fb3c3b538ab17353581c71aefa2e1eb7ef90de2df72b47396afa91c3594e70a2dc0e3e1b3f03b089c88e0c5a28b1d20f31d7c2c29298683c369a4eb9ab3f7
SSDEEP

6144:9p511DifkpJFhSpe/+Ij7NweeJEKlJ85eg/0ISDhfq:9p51RisJXKIj3e6Rvd/

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  cb982c2b5a56cbb3bdbc5d83a611ebe5
- Size
  
  224KB
- MD5
  
  cb982c2b5a56cbb3bdbc5d83a611ebe5
- SHA1
  
  a0c412b46502dea1e3c42612210554e789d45db6
- SHA256
  
  75e6ca0c7570823a3fea12faf3a9fb055618f25fe3fccecb7857cefcf5f021ab
- SHA512
  
  548fb3c3b538ab17353581c71aefa2e1eb7ef90de2df72b47396afa91c3594e70a2dc0e3e1b3f03b089c88e0c5a28b1d20f31d7c2c29298683c369a4eb9ab3f7
- SSDEEP
  
  6144:9p511DifkpJFhSpe/+Ij7NweeJEKlJ85eg/0ISDhfq:9p51RisJXKIj3e6Rvd/
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence