f7754181967c56864c6dc02c49cac8e963097e88108a116a4deb330a43b7cfac | Triage

Sharing

General

Target

f7754181967c56864c6dc02c49cac8e963097e88108a116a4deb330a43b7cfac
Size

172KB
Sample

240425-f1hl8sga9z
MD5

cca214ae774b9a98ac3e28fdb91df3ea
SHA1

5ea3776425284cd021f5ee70965955ad3950342d
SHA256

f7754181967c56864c6dc02c49cac8e963097e88108a116a4deb330a43b7cfac
SHA512

41f71b7623325b9c1825490e8d7bbc56b874036031e18b97c4954698c5a80d32d16da1735a44cc13c45210a1626b02a323a36befbe2531b62d669905462ae236
SSDEEP

3072:xCqPc8+4xLKGPQb6pLnq1AbpaMAePjT9273c0Iy8onzK98:ltxLKGPQbWqliF27MHsKq

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  f7754181967c56864c6dc02c49cac8e963097e88108a116a4deb330a43b7cfac
- Size
  
  172KB
- MD5
  
  cca214ae774b9a98ac3e28fdb91df3ea
- SHA1
  
  5ea3776425284cd021f5ee70965955ad3950342d
- SHA256
  
  f7754181967c56864c6dc02c49cac8e963097e88108a116a4deb330a43b7cfac
- SHA512
  
  41f71b7623325b9c1825490e8d7bbc56b874036031e18b97c4954698c5a80d32d16da1735a44cc13c45210a1626b02a323a36befbe2531b62d669905462ae236
- SSDEEP
  
  3072:xCqPc8+4xLKGPQb6pLnq1AbpaMAePjT9273c0Iy8onzK98:ltxLKGPQbWqliF27MHsKq
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence