45c1d2508ba85f787caed48cbc834547a5271d923bad51a1b39d2536353f42bf | Triage

Sharing

General

Target

386c7ea195401747c6f7bea1314adb00N.exe
Size

11KB
Sample

240723-avny6sxbkf
MD5

386c7ea195401747c6f7bea1314adb00
SHA1

3df211d363010776cc536eb02835dc6c357626d9
SHA256

45c1d2508ba85f787caed48cbc834547a5271d923bad51a1b39d2536353f42bf
SHA512

48f0297d3afd299c2a910d42a23c63fa2127d9d21d675d2392d79da8a6bf4922008d97aa26432fac75d6a1e5da2e32b16cbcaa257e8a1a9700f7c913bd90e42b
SSDEEP

192:Zg6eHLE5KxkDpnqKjIdtaCRYvRtCk1rE1Ty68A3CuYYpZ7E:G6eHIAx0pqNgHvRtoyhASuYYpZ7E

Score

7^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  386c7ea195401747c6f7bea1314adb00N.exe
- Size
  
  11KB
- MD5
  
  386c7ea195401747c6f7bea1314adb00
- SHA1
  
  3df211d363010776cc536eb02835dc6c357626d9
- SHA256
  
  45c1d2508ba85f787caed48cbc834547a5271d923bad51a1b39d2536353f42bf
- SHA512
  
  48f0297d3afd299c2a910d42a23c63fa2127d9d21d675d2392d79da8a6bf4922008d97aa26432fac75d6a1e5da2e32b16cbcaa257e8a1a9700f7c913bd90e42b
- SSDEEP
  
  192:Zg6eHLE5KxkDpnqKjIdtaCRYvRtCk1rE1Ty68A3CuYYpZ7E:G6eHIAx0pqNgHvRtoyhASuYYpZ7E
Score

7^/10

evasion persistence trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2