ba42688729765cf811596d050ec7fd0606d68bf9cd1ec6a34aa703bfd2532267 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a48fbf5868bff7_JC.exe
Size

86KB
Sample

230717-w525faed34
MD5

a48fbf5868bff76129525e6e2eda95f8
SHA1

fd015a26a11da2662fba950c6213a5ed63242554
SHA256

ba42688729765cf811596d050ec7fd0606d68bf9cd1ec6a34aa703bfd2532267
SHA512

90a8f6e7c94e136cdc821bace88cdada5fd85b3c2bd2e72e65fa587a331f943069dcd1a70e53c76175ba5f84da703975a1272c998a46ded6411f6adfd6416c0f
SSDEEP

1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNieRpJ:vCjsIOtEvwDpj5H8zPk

Score

7^/10

Malware Config

Targets

- Target
  
  a48fbf5868bff7_JC.exe
- Size
  
  86KB
- MD5
  
  a48fbf5868bff76129525e6e2eda95f8
- SHA1
  
  fd015a26a11da2662fba950c6213a5ed63242554
- SHA256
  
  ba42688729765cf811596d050ec7fd0606d68bf9cd1ec6a34aa703bfd2532267
- SHA512
  
  90a8f6e7c94e136cdc821bace88cdada5fd85b3c2bd2e72e65fa587a331f943069dcd1a70e53c76175ba5f84da703975a1272c998a46ded6411f6adfd6416c0f
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNieRpJ:vCjsIOtEvwDpj5H8zPk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2