9c9f5ae505724d9fe164d552ca99802de2212db17b4f4b15ade6b73e8b0ff633 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c9f5ae505724d9fe164d552ca99802de2212db17b4f4b15ade6b73e8b0ff633
Size

205KB
Sample

230607-n4c5xsad9t
MD5

e18ce6828fb1dd74fd41099dd42ba05b
SHA1

83b6541469a42eef131c266470553c354fe43442
SHA256

9c9f5ae505724d9fe164d552ca99802de2212db17b4f4b15ade6b73e8b0ff633
SHA512

57ee9e1633bf1f1fe3d60fffca78f7a9749af765d5c58a9c6303d906ff39b6343e2cee777a1ed105f2a67d38b4094190a8da511ddc6c1357ec239fe60990331a
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  9c9f5ae505724d9fe164d552ca99802de2212db17b4f4b15ade6b73e8b0ff633
- Size
  
  205KB
- MD5
  
  e18ce6828fb1dd74fd41099dd42ba05b
- SHA1
  
  83b6541469a42eef131c266470553c354fe43442
- SHA256
  
  9c9f5ae505724d9fe164d552ca99802de2212db17b4f4b15ade6b73e8b0ff633
- SHA512
  
  57ee9e1633bf1f1fe3d60fffca78f7a9749af765d5c58a9c6303d906ff39b6343e2cee777a1ed105f2a67d38b4094190a8da511ddc6c1357ec239fe60990331a
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1