f8dc34dda892a85092d948326fa312d8f0cd034343ec2ae88327d66857e90b63 | Triage

Sharing

General

Target

f8dc34dda892a85092d948326fa312d8f0cd034343ec2ae88327d66857e90b63
Size

124KB
Sample

240425-f3nahagb3z
MD5

2d396b34a41e57db4b3a40acfca3f134
SHA1

a0ec821d2c579e8dde2e6219fdc0bb1207446dab
SHA256

f8dc34dda892a85092d948326fa312d8f0cd034343ec2ae88327d66857e90b63
SHA512

58bcbac9a989a422072f841d2d336d51bb28e086fe843748abb4b784f12feddd2bc00c89754584e85d91b54b6007b988ea54269c1676a10cf87c89d2d946a52b
SSDEEP

1536:hRszs5YrHbhRO/N69BH3OoGa+FLHjKceRgrkOSoINeGUmE:HG+YrHbhkFoN3Oo1+FvfSW

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  f8dc34dda892a85092d948326fa312d8f0cd034343ec2ae88327d66857e90b63
- Size
  
  124KB
- MD5
  
  2d396b34a41e57db4b3a40acfca3f134
- SHA1
  
  a0ec821d2c579e8dde2e6219fdc0bb1207446dab
- SHA256
  
  f8dc34dda892a85092d948326fa312d8f0cd034343ec2ae88327d66857e90b63
- SHA512
  
  58bcbac9a989a422072f841d2d336d51bb28e086fe843748abb4b784f12feddd2bc00c89754584e85d91b54b6007b988ea54269c1676a10cf87c89d2d946a52b
- SSDEEP
  
  1536:hRszs5YrHbhRO/N69BH3OoGa+FLHjKceRgrkOSoINeGUmE:HG+YrHbhkFoN3Oo1+FvfSW
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence