59f50d54099b4b07c56a97028a8f42fa0b78769bc5c6b469f73ec322842a5014 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59f50d54099b4b07c56a97028a8f42fa0b78769bc5c6b469f73ec322842a5014
Size

172KB
Sample

240529-1vy29acb78
MD5

1a8150e897b97779a6bf259a84245527
SHA1

fc2d33ee43472f9bd8245a28fffa2a122c444890
SHA256

59f50d54099b4b07c56a97028a8f42fa0b78769bc5c6b469f73ec322842a5014
SHA512

95595e48d3cdca237662f575aaaa26f0fd1bd7afa4c8b247a3da6bc1dd8e9599ab390d9b63cbd823168b44828b83d2706387d7108f3f6f12b019a68fc018fef0
SSDEEP

1536:Gfl0cc6BnUOB+dGrNjjmJ2NuKuFr1M5BnQbCcIfV:d6BUOB++jOvCV

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  59f50d54099b4b07c56a97028a8f42fa0b78769bc5c6b469f73ec322842a5014
- Size
  
  172KB
- MD5
  
  1a8150e897b97779a6bf259a84245527
- SHA1
  
  fc2d33ee43472f9bd8245a28fffa2a122c444890
- SHA256
  
  59f50d54099b4b07c56a97028a8f42fa0b78769bc5c6b469f73ec322842a5014
- SHA512
  
  95595e48d3cdca237662f575aaaa26f0fd1bd7afa4c8b247a3da6bc1dd8e9599ab390d9b63cbd823168b44828b83d2706387d7108f3f6f12b019a68fc018fef0
- SSDEEP
  
  1536:Gfl0cc6BnUOB+dGrNjjmJ2NuKuFr1M5BnQbCcIfV:d6BUOB++jOvCV
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence