4dfbef2a0e1cb903e479e67a571da62afa09b75728b9efee6355fa378c5ad68a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TrafficerMC-2.1-windows-x64 (1).exe
Size

62.6MB
Sample

230312-vqxqqsgf5v
MD5

1ed5b3d92ef8905a13521d1ebdf49462
SHA1

8ce8289e9fffa829c170296c698d17a7c252f964
SHA256

4dfbef2a0e1cb903e479e67a571da62afa09b75728b9efee6355fa378c5ad68a
SHA512

cb70e507bd74119c7f9ea28e5db4deaed2b3ac8a78870944adf2a6c29961e95b8a08590792ef0043ac21b784932e9b2cfafb3c39f48e6ed5b71190786ac986bd
SSDEEP

1572864:V85m+vGOwOHfPjr1s7azim3gSpKhCyO5ggv5tmKFCK87:crvlFCalgk5yO5gQXFCt7

Score

7^/10

Malware Config

Targets

- Target
  
  TrafficerMC-2.1-windows-x64 (1).exe
- Size
  
  62.6MB
- MD5
  
  1ed5b3d92ef8905a13521d1ebdf49462
- SHA1
  
  8ce8289e9fffa829c170296c698d17a7c252f964
- SHA256
  
  4dfbef2a0e1cb903e479e67a571da62afa09b75728b9efee6355fa378c5ad68a
- SHA512
  
  cb70e507bd74119c7f9ea28e5db4deaed2b3ac8a78870944adf2a6c29961e95b8a08590792ef0043ac21b784932e9b2cfafb3c39f48e6ed5b71190786ac986bd
- SSDEEP
  
  1572864:V85m+vGOwOHfPjr1s7azim3gSpKhCyO5ggv5tmKFCK87:crvlFCalgk5yO5gQXFCt7
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2