2cfeea10f8281c39c61f7cac0c7605d3794b232e503abff016269856283c4664 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cfeea10f8281c39c61f7cac0c7605d3794b232e503abff016269856283c4664
Size

206KB
Sample

230607-p4dl5aaf82
MD5

635d2ba35e6d7b9979b7df4459961d7d
SHA1

23748365418ae75ff0e6c1fb3fa2151f4c7e29c2
SHA256

2cfeea10f8281c39c61f7cac0c7605d3794b232e503abff016269856283c4664
SHA512

ae0a7de537edd00f2e24d8a1d31c82a4084b5b5ff15a477876f128dddc8c97fb87888934378c5836dd42e53c1f544eef01c20afd467a6f38dbc5501b21315911
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  2cfeea10f8281c39c61f7cac0c7605d3794b232e503abff016269856283c4664
- Size
  
  206KB
- MD5
  
  635d2ba35e6d7b9979b7df4459961d7d
- SHA1
  
  23748365418ae75ff0e6c1fb3fa2151f4c7e29c2
- SHA256
  
  2cfeea10f8281c39c61f7cac0c7605d3794b232e503abff016269856283c4664
- SHA512
  
  ae0a7de537edd00f2e24d8a1d31c82a4084b5b5ff15a477876f128dddc8c97fb87888934378c5836dd42e53c1f544eef01c20afd467a6f38dbc5501b21315911
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1