77bae933800a5ea4dde4f85b8ba7b02fbae2359e3d9e9e79443625d65ef5513d | Triage

Sharing

General

Target

77bae933800a5ea4dde4f85b8ba7b02fbae2359e3d9e9e79443625d65ef5513d
Size

124KB
Sample

240517-ak31cagc9s
MD5

94ca7a3511d9ce833ad8a8716d95c620
SHA1

4b946f53b780da367a80d3122ea33ac73c60c4b6
SHA256

77bae933800a5ea4dde4f85b8ba7b02fbae2359e3d9e9e79443625d65ef5513d
SHA512

7c454fc1ae3bbceb5541a98172d6ae6835e00c291f5c823213e713b2f782810901601f9eba71992e81746933f1c71016b5605a6d0ef9b300f494c7c52ca7851b
SSDEEP

1536:Jkszn5YXhRO/N69BH3OoGa+FL9jKceRgrkjSo:+G5YXhkFoN3Oo1+F92S

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  77bae933800a5ea4dde4f85b8ba7b02fbae2359e3d9e9e79443625d65ef5513d
- Size
  
  124KB
- MD5
  
  94ca7a3511d9ce833ad8a8716d95c620
- SHA1
  
  4b946f53b780da367a80d3122ea33ac73c60c4b6
- SHA256
  
  77bae933800a5ea4dde4f85b8ba7b02fbae2359e3d9e9e79443625d65ef5513d
- SHA512
  
  7c454fc1ae3bbceb5541a98172d6ae6835e00c291f5c823213e713b2f782810901601f9eba71992e81746933f1c71016b5605a6d0ef9b300f494c7c52ca7851b
- SSDEEP
  
  1536:Jkszn5YXhRO/N69BH3OoGa+FL9jKceRgrkjSo:+G5YXhkFoN3Oo1+F92S
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence