a43d8b18f4efa91cbfa725f18fe56c7f8682594f53564d68a1f571388e0ab566 | Triage

Sharing

General

Target

a43d8b18f4efa91cbfa725f18fe56c7f8682594f53564d68a1f571388e0ab566
Size

256KB
Sample

240430-bbe3lafh5v
MD5

68aa3b554cffe21e86dabe1751384aea
SHA1

d3e0b9339ff16861a3fd2281b482ebd4b7d5ff64
SHA256

a43d8b18f4efa91cbfa725f18fe56c7f8682594f53564d68a1f571388e0ab566
SHA512

aa60b3da086bdd1ea6462188ddd17baa7d7d639f0befb652e1414dbebb4deccb8dee45946955bab90cc531f8230170f882434f4fc2a2a68006f924e1d4aa3608
SSDEEP

6144:xBawbQXn2J5V2aWOKojDOgbTnNkyjZjju:xAwbQWoOKojDOgbTNku

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  a43d8b18f4efa91cbfa725f18fe56c7f8682594f53564d68a1f571388e0ab566
- Size
  
  256KB
- MD5
  
  68aa3b554cffe21e86dabe1751384aea
- SHA1
  
  d3e0b9339ff16861a3fd2281b482ebd4b7d5ff64
- SHA256
  
  a43d8b18f4efa91cbfa725f18fe56c7f8682594f53564d68a1f571388e0ab566
- SHA512
  
  aa60b3da086bdd1ea6462188ddd17baa7d7d639f0befb652e1414dbebb4deccb8dee45946955bab90cc531f8230170f882434f4fc2a2a68006f924e1d4aa3608
- SSDEEP
  
  6144:xBawbQXn2J5V2aWOKojDOgbTnNkyjZjju:xAwbQWoOKojDOgbTNku
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence