f8adade3b40754606aa596eab5e01fbceb7719ec5dfbec30ee67e0f5c080f085 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

F189JD39I39Old.zip
Size

21.6MB
Sample

230516-ypzqgsbd9v
MD5

a8bd25565b8967c5b1e4b9fbe8911719
SHA1

a78e3dcf517e3d8070cea535f09ce1ef68d0b242
SHA256

f8adade3b40754606aa596eab5e01fbceb7719ec5dfbec30ee67e0f5c080f085
SHA512

a5f89b184d85def1436dab723418e0a9100dc305c411e0397f00faf26bae31030d7bcdd14c0287fa7ac17c2849417f3a2ef3bdcdb80aa0b07327f9bfcff2e907
SSDEEP

393216:JaXZBjlELKkZwRyClDNmno9oMAAKNe7jZPFIZLBA0OBM5ILU685O14wb3yUo7G+V:JKBjRkZWyClt9o3AKNeqLBnSLU68whbC

Score

7^/10

Malware Config

Targets

- Target
  
  BSPlayer/cdburner.exe
- Size
  
  1.6MB
- MD5
  
  bdc0cff1e6e3db489864041a623f0d1e
- SHA1
  
  cf1beeec71abbfbe8a6f47abaaa6c1af2fee37dc
- SHA256
  
  585741ca3c4041bb39d107f1f159d908650967fbccac3a491bca389cc4ba0769
- SHA512
  
  aeaf1d2da43584ae91ea032c59a945ab91f721cc3b5bb98c2c7096dfd8c728b4ebf735491e06e934b4b1c9f1ccc719f950ad6f45e212f638b52c7af5efcc18db
- SSDEEP
  
  49152:H4jyNKd2Bqc8Y7IDbauSVGDzhGjThGDzhmj8L5NsmK2:H4Fd2Bqc8Y7IDbauSVGDzhGjThGDzhmL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1