3beb6926f920b26bb1a7ca4f8cee1f20eeea2bc660ddd2b16b04c7cd01d97231 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fd6cdf7c8f3cb7f6cfe19ad9f0bb8ac.exe
Size

206KB
Sample

230608-c9wnnsbb58
MD5

2fd6cdf7c8f3cb7f6cfe19ad9f0bb8ac
SHA1

7c07447426c8b0188c01b8d49a347da2c42c45ab
SHA256

3beb6926f920b26bb1a7ca4f8cee1f20eeea2bc660ddd2b16b04c7cd01d97231
SHA512

607e5e1e51858cfc920da5bf6eca67f5643818dbad35caff6b70d9cf9751c189d529fc8633224b8c7a486a684cbb44a353b5372515ef4483ae5d55caa84c2c7b
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  2fd6cdf7c8f3cb7f6cfe19ad9f0bb8ac.exe
- Size
  
  206KB
- MD5
  
  2fd6cdf7c8f3cb7f6cfe19ad9f0bb8ac
- SHA1
  
  7c07447426c8b0188c01b8d49a347da2c42c45ab
- SHA256
  
  3beb6926f920b26bb1a7ca4f8cee1f20eeea2bc660ddd2b16b04c7cd01d97231
- SHA512
  
  607e5e1e51858cfc920da5bf6eca67f5643818dbad35caff6b70d9cf9751c189d529fc8633224b8c7a486a684cbb44a353b5372515ef4483ae5d55caa84c2c7b
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2