f034bf54e103f81d569df8a0f23b97d50992f4faea996ad827986bba3494a492 | Triage

Sharing

General

Target

dc7d5c08e85dd0c4d3d7e9000b6f3560N.exe
Size

140KB
Sample

240715-pz8ayavbqe
MD5

dc7d5c08e85dd0c4d3d7e9000b6f3560
SHA1

6e35f30a7842e7d1739cfcf4385c01663b194be2
SHA256

f034bf54e103f81d569df8a0f23b97d50992f4faea996ad827986bba3494a492
SHA512

860b706cefbd3d700da380744b72bb0c30c1add49895ffde16553ba5ae91ab8604857453fdf142e76fe4eb551d73b98400fc315bfdc425f5d84a4fa2c8367e80
SSDEEP

768:zB+A7hhyt4pd04q0zik+vhy7g0EM/LinbQO5cn9:tbhheEn3+pCg0EUGQO2

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  dc7d5c08e85dd0c4d3d7e9000b6f3560N.exe
- Size
  
  140KB
- MD5
  
  dc7d5c08e85dd0c4d3d7e9000b6f3560
- SHA1
  
  6e35f30a7842e7d1739cfcf4385c01663b194be2
- SHA256
  
  f034bf54e103f81d569df8a0f23b97d50992f4faea996ad827986bba3494a492
- SHA512
  
  860b706cefbd3d700da380744b72bb0c30c1add49895ffde16553ba5ae91ab8604857453fdf142e76fe4eb551d73b98400fc315bfdc425f5d84a4fa2c8367e80
- SSDEEP
  
  768:zB+A7hhyt4pd04q0zik+vhy7g0EM/LinbQO5cn9:tbhheEn3+pCg0EUGQO2
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence