8181f8649f925d7287a21e8d8dfdc625a856b771f0b9525481c2c717bbf4d3f6 | Triage

Sharing

General

Target

9f12a20a022ff1_JC.exe
Size

61KB
Sample

230717-waxlgaea22
MD5

9f12a20a022ff1518dfc6d978e7f6966
SHA1

3e0e596c139f77b26d3da4de1597ee88d144b7fe
SHA256

8181f8649f925d7287a21e8d8dfdc625a856b771f0b9525481c2c717bbf4d3f6
SHA512

b37056fdfe645ea6dc723053949587ca21918f744cb9b9acd3a1109e0e258076effc6de5930f98ad7e40d5c1bd2cc22cadcfef7021d41177259b2e9fae3fa334
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MzI6:i5nkFGMOtEvwDpjNbwQE0

Score

7^/10

Malware Config

Targets

- Target
  
  9f12a20a022ff1_JC.exe
- Size
  
  61KB
- MD5
  
  9f12a20a022ff1518dfc6d978e7f6966
- SHA1
  
  3e0e596c139f77b26d3da4de1597ee88d144b7fe
- SHA256
  
  8181f8649f925d7287a21e8d8dfdc625a856b771f0b9525481c2c717bbf4d3f6
- SHA512
  
  b37056fdfe645ea6dc723053949587ca21918f744cb9b9acd3a1109e0e258076effc6de5930f98ad7e40d5c1bd2cc22cadcfef7021d41177259b2e9fae3fa334
- SSDEEP
  
  768:XS5nQJ24LR1bytOOtEvwDpjNbZ7uyA36S7MzI6:i5nkFGMOtEvwDpjNbwQE0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2