cc0ee135e8c1a4965ada891bfd41766a1ed6de2572b2dc59d21382a0c1b98be3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cc0ee135e8c1a4965ada891bfd41766a1ed6de2572b2dc59d21382a0c1b98be3
Size

189KB
Sample

221203-rstkbace41
MD5

faedbcf321ba854987021ab388b7262a
SHA1

f7403a753a97882ed90b7b29bb45be8c059cb869
SHA256

cc0ee135e8c1a4965ada891bfd41766a1ed6de2572b2dc59d21382a0c1b98be3
SHA512

0d0fadf9e324245bf0faf90afea69b61fb8cc58dad63040d19174eac019d24658c4ec1648bc0c19c26314b6adc9f8c0713647d784e42d9682000c9943b06c3cd
SSDEEP

3072:WwxVMhOC/dTDbq91+mno3t4QZQ3rAHXJ9g742opw/ERBvhILgrEhkzj:WTfFDbRnOTrA3J7X6ERTILgrEY

Score

8^/10

Malware Config

Targets

- Target
  
  cc0ee135e8c1a4965ada891bfd41766a1ed6de2572b2dc59d21382a0c1b98be3
- Size
  
  189KB
- MD5
  
  faedbcf321ba854987021ab388b7262a
- SHA1
  
  f7403a753a97882ed90b7b29bb45be8c059cb869
- SHA256
  
  cc0ee135e8c1a4965ada891bfd41766a1ed6de2572b2dc59d21382a0c1b98be3
- SHA512
  
  0d0fadf9e324245bf0faf90afea69b61fb8cc58dad63040d19174eac019d24658c4ec1648bc0c19c26314b6adc9f8c0713647d784e42d9682000c9943b06c3cd
- SSDEEP
  
  3072:WwxVMhOC/dTDbq91+mno3t4QZQ3rAHXJ9g742opw/ERBvhILgrEhkzj:WTfFDbRnOTrA3J7X6ERTILgrEY
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2