cb0f238764fc1a69863e373402ee748254238ca307497be0bbf96086067b98bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb0f238764fc1a69863e373402ee748254238ca307497be0bbf96086067b98bf
Size

192KB
Sample

221201-v8ja3acd76
MD5

4fca78d795b236511d52dcfedb365824
SHA1

e8d49eb88682e884fec1894d62f1fb6bdfe1897e
SHA256

cb0f238764fc1a69863e373402ee748254238ca307497be0bbf96086067b98bf
SHA512

39efc829e7cf97e06300982005b993ecd9990edfb626df92447875af1cb9dc4298e8ffe1e19e947ec27d31a5d02308c7ff16c20495421567ce9adce5fd5c47e8
SSDEEP

3072:8t8EKKTAoyjzHY7p1VIaRv7WUG7w2UW9u1DXNJ9p/B7/FpqRpwob9DcETPOJ2NWv:kZlyPHoFncDbUW9UJfBLnqrwU9DcEPU

Score

8^/10

Malware Config

Targets

- Target
  
  cb0f238764fc1a69863e373402ee748254238ca307497be0bbf96086067b98bf
- Size
  
  192KB
- MD5
  
  4fca78d795b236511d52dcfedb365824
- SHA1
  
  e8d49eb88682e884fec1894d62f1fb6bdfe1897e
- SHA256
  
  cb0f238764fc1a69863e373402ee748254238ca307497be0bbf96086067b98bf
- SHA512
  
  39efc829e7cf97e06300982005b993ecd9990edfb626df92447875af1cb9dc4298e8ffe1e19e947ec27d31a5d02308c7ff16c20495421567ce9adce5fd5c47e8
- SSDEEP
  
  3072:8t8EKKTAoyjzHY7p1VIaRv7WUG7w2UW9u1DXNJ9p/B7/FpqRpwob9DcETPOJ2NWv:kZlyPHoFncDbUW9UJfBLnqrwU9DcEPU
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2