4f9d023f62f5f92fe41f829249d8a0a2188feef7af7ad91c7dda9eb168bd63a9 | Triage

Sharing

General

Target

649c7336a78588_JC.exe
Size

75KB
Sample

230716-mbnwaafa8s
MD5

649c7336a78588dc01365e8b275ea6ac
SHA1

21b7e2419baffbc82fe8f7293ca8bf6fa63646c6
SHA256

4f9d023f62f5f92fe41f829249d8a0a2188feef7af7ad91c7dda9eb168bd63a9
SHA512

024cc19b938135af1f5b09a4d33bd57cf6ea9bcaafab787978fd649878d085a02d0fe3bcef1951641c76e187c89785ea3a8fd78a67ec2c16e296fcc4a166c9a9
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJNpsAnJYqdIR+2:ZVxkGOtEvwDpjcNI

Score

7^/10

Malware Config

Targets

- Target
  
  649c7336a78588_JC.exe
- Size
  
  75KB
- MD5
  
  649c7336a78588dc01365e8b275ea6ac
- SHA1
  
  21b7e2419baffbc82fe8f7293ca8bf6fa63646c6
- SHA256
  
  4f9d023f62f5f92fe41f829249d8a0a2188feef7af7ad91c7dda9eb168bd63a9
- SHA512
  
  024cc19b938135af1f5b09a4d33bd57cf6ea9bcaafab787978fd649878d085a02d0fe3bcef1951641c76e187c89785ea3a8fd78a67ec2c16e296fcc4a166c9a9
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJNpsAnJYqdIR+2:ZVxkGOtEvwDpjcNI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2