b0ddcc2348ffcb31e426493648cd81c28d5426c7989a93142d33dd72d614c2d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

747d8b874fe106199dca6682af1c4970_NEAS
Size

224KB
Sample

240507-ga2svsee38
MD5

747d8b874fe106199dca6682af1c4970
SHA1

71bfbcfce9febfbb2a30e0c36951778819285156
SHA256

b0ddcc2348ffcb31e426493648cd81c28d5426c7989a93142d33dd72d614c2d3
SHA512

9a3b097d649e7dd5a8544954b78b8c8c1400c23b45ffcf1c82ae044bcadb0e8819b4997d75b6b4d9705c2df3a395579c4eb62b59e94f7963e03f22486be9657b
SSDEEP

3072:j6JnHcFF+YupJ904AX+ipuvnHMC6Fz2Pa9VZumXYdVL63fZi8KGcI:U8FFk/at6PMFKa9VUuYdVL63fZNV

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  747d8b874fe106199dca6682af1c4970_NEAS
- Size
  
  224KB
- MD5
  
  747d8b874fe106199dca6682af1c4970
- SHA1
  
  71bfbcfce9febfbb2a30e0c36951778819285156
- SHA256
  
  b0ddcc2348ffcb31e426493648cd81c28d5426c7989a93142d33dd72d614c2d3
- SHA512
  
  9a3b097d649e7dd5a8544954b78b8c8c1400c23b45ffcf1c82ae044bcadb0e8819b4997d75b6b4d9705c2df3a395579c4eb62b59e94f7963e03f22486be9657b
- SSDEEP
  
  3072:j6JnHcFF+YupJ904AX+ipuvnHMC6Fz2Pa9VZumXYdVL63fZi8KGcI:U8FFk/at6PMFKa9VUuYdVL63fZNV
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence