c8d630329c4bd9e942d9d52f86d82a55ca351067a9a4dcb891ae20bfa64463f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8d630329c4bd9e942d9d52f86d82a55ca351067a9a4dcb891ae20bfa64463f8
Size

206KB
Sample

230607-pf6b8sag5t
MD5

721a40024a9559d381f2ddd7ceffa64e
SHA1

ce4f99c515c279bba5fa0ff13a583a8a97ac3c5b
SHA256

c8d630329c4bd9e942d9d52f86d82a55ca351067a9a4dcb891ae20bfa64463f8
SHA512

7412d4739e3ff06cbe996cf4500abce29dc7ab18091f2fd8cfe5b5bf18ab376aedb9bb5bc3e41a462db60e4e7e52ba178a7f540b456f2f16dc0f4a33119f43fe
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  c8d630329c4bd9e942d9d52f86d82a55ca351067a9a4dcb891ae20bfa64463f8
- Size
  
  206KB
- MD5
  
  721a40024a9559d381f2ddd7ceffa64e
- SHA1
  
  ce4f99c515c279bba5fa0ff13a583a8a97ac3c5b
- SHA256
  
  c8d630329c4bd9e942d9d52f86d82a55ca351067a9a4dcb891ae20bfa64463f8
- SHA512
  
  7412d4739e3ff06cbe996cf4500abce29dc7ab18091f2fd8cfe5b5bf18ab376aedb9bb5bc3e41a462db60e4e7e52ba178a7f540b456f2f16dc0f4a33119f43fe
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1