c50f8bf94e8f2cffbd660f3419f14addc30ece7b3c1af6ecd4df2bc2f8679037 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c50f8bf94e8f2cffbd660f3419f14addc30ece7b3c1af6ecd4df2bc2f8679037
Size

206KB
Sample

230607-px53ssae98
MD5

b59e30364a773b8e87056ddeb28e457c
SHA1

95992adbfb48e6386e312b0df0c68d2cd1f09f21
SHA256

c50f8bf94e8f2cffbd660f3419f14addc30ece7b3c1af6ecd4df2bc2f8679037
SHA512

4c0e1fbc38f577cfef21f7e90c0fc73e93e8e0cdde587e925df0d6735688c614d5ad8dd2bacbeabfb6fea8caaef6d502a04158afe952d826cebb15a0aebf0d4d
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Malware Config

Targets

- Target
  
  c50f8bf94e8f2cffbd660f3419f14addc30ece7b3c1af6ecd4df2bc2f8679037
- Size
  
  206KB
- MD5
  
  b59e30364a773b8e87056ddeb28e457c
- SHA1
  
  95992adbfb48e6386e312b0df0c68d2cd1f09f21
- SHA256
  
  c50f8bf94e8f2cffbd660f3419f14addc30ece7b3c1af6ecd4df2bc2f8679037
- SHA512
  
  4c0e1fbc38f577cfef21f7e90c0fc73e93e8e0cdde587e925df0d6735688c614d5ad8dd2bacbeabfb6fea8caaef6d502a04158afe952d826cebb15a0aebf0d4d
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1