f76cf350092cc2f70bf3bb82e285ece37cdce8e949bfb0928b97da782252446c | Triage

Sharing

General

Target

f76cf350092cc2f70bf3bb82e285ece37cdce8e949bfb0928b97da782252446c
Size

4.8MB
Sample

240523-fmh1vaee4w
MD5

33f0bc33e0561fdf73e14da630053a23
SHA1

47cf5e35720cca9292d2576ad56b260196712f9a
SHA256

f76cf350092cc2f70bf3bb82e285ece37cdce8e949bfb0928b97da782252446c
SHA512

47f55e600864e20d51a2665a366cf869bc4edf6d35ed0fc10a49f2254e71c3810c46433dc1ee386dd856f3a07694dd1c27a02be9bfef87d9686748d476508611
SSDEEP

98304:M3v+7Mi/ME3pKNcwUNXB6wQm+LFmm9rSAeIMxKmF6vq5y/ramhWm1:Mf+IE5KsNXBDALF/6rxsGmhWm1

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  f76cf350092cc2f70bf3bb82e285ece37cdce8e949bfb0928b97da782252446c
- Size
  
  4.8MB
- MD5
  
  33f0bc33e0561fdf73e14da630053a23
- SHA1
  
  47cf5e35720cca9292d2576ad56b260196712f9a
- SHA256
  
  f76cf350092cc2f70bf3bb82e285ece37cdce8e949bfb0928b97da782252446c
- SHA512
  
  47f55e600864e20d51a2665a366cf869bc4edf6d35ed0fc10a49f2254e71c3810c46433dc1ee386dd856f3a07694dd1c27a02be9bfef87d9686748d476508611
- SSDEEP
  
  98304:M3v+7Mi/ME3pKNcwUNXB6wQm+LFmm9rSAeIMxKmF6vq5y/ramhWm1:Mf+IE5KsNXBDALF/6rxsGmhWm1
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2