d73cbc311d5fc6f297f661bf465a8fdb13ca184619aafad61235f672c27610a6 | Triage

Sharing

General

Target

d73cbc311d5fc6f297f661bf465a8fdb13ca184619aafad61235f672c27610a6
Size

124KB
Sample

240520-dtq9pahb93
MD5

8148b0a59054f3c79278875508fa7a85
SHA1

9955b3503f7e526361f018e283b3356b3679db00
SHA256

d73cbc311d5fc6f297f661bf465a8fdb13ca184619aafad61235f672c27610a6
SHA512

694dd86d744ade19e3bed906e550557ba3be6fc75d1d5a5ecba39fcdfe0b562ac9d191cd1862160ae7f44c0a4417a7e29e9a40c4c27ea0fd54bdf9b7d28c0028
SSDEEP

1536:FVszw5YSd0hRO/N69BH3OoGa+FL9jKceRgrkjSo:nGSYK0hkFoN3Oo1+F92S

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  d73cbc311d5fc6f297f661bf465a8fdb13ca184619aafad61235f672c27610a6
- Size
  
  124KB
- MD5
  
  8148b0a59054f3c79278875508fa7a85
- SHA1
  
  9955b3503f7e526361f018e283b3356b3679db00
- SHA256
  
  d73cbc311d5fc6f297f661bf465a8fdb13ca184619aafad61235f672c27610a6
- SHA512
  
  694dd86d744ade19e3bed906e550557ba3be6fc75d1d5a5ecba39fcdfe0b562ac9d191cd1862160ae7f44c0a4417a7e29e9a40c4c27ea0fd54bdf9b7d28c0028
- SSDEEP
  
  1536:FVszw5YSd0hRO/N69BH3OoGa+FL9jKceRgrkjSo:nGSYK0hkFoN3Oo1+F92S
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence