bc536dad2849c890546ff3c195df0f341c7b04f97fcd1d4e08fe1385b3f2643c | Triage

Sharing

General

Target

a3bec9fb7bcb83_JC.exe
Size

35KB
Sample

230717-wzmskaec68
MD5

a3bec9fb7bcb83d090fda4b2d9d6d1b6
SHA1

69951b375a0741ce41bc815a5f91592115329f19
SHA256

bc536dad2849c890546ff3c195df0f341c7b04f97fcd1d4e08fe1385b3f2643c
SHA512

e6a8f44bd22871d14833b98650625f4b4abdb1c0dc9ffb514e6ca71a61dceb545aca9a67def4ca364c46e0ef7a50b8eed85312e8b3b22ce0b93a83372ae5f515
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjxgqAhqOMpmTNAfu:ZzFbxmLPWQMOtEvwDpjx0qrmGG

Score

7^/10

Malware Config

Targets

- Target
  
  a3bec9fb7bcb83_JC.exe
- Size
  
  35KB
- MD5
  
  a3bec9fb7bcb83d090fda4b2d9d6d1b6
- SHA1
  
  69951b375a0741ce41bc815a5f91592115329f19
- SHA256
  
  bc536dad2849c890546ff3c195df0f341c7b04f97fcd1d4e08fe1385b3f2643c
- SHA512
  
  e6a8f44bd22871d14833b98650625f4b4abdb1c0dc9ffb514e6ca71a61dceb545aca9a67def4ca364c46e0ef7a50b8eed85312e8b3b22ce0b93a83372ae5f515
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjxgqAhqOMpmTNAfu:ZzFbxmLPWQMOtEvwDpjx0qrmGG
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2