29e147a6c6cee9512858286552ae641eecc45e9fb83a67554ba0a42487b31352 | Triage

Sharing

General

Target

b3f7a0d4ebb387_JC.exe
Size

87KB
Sample

230718-p8nynabb81
MD5

b3f7a0d4ebb387185e4f7d1cb4607cf3
SHA1

b7a3f4902cb56e7f0513582983eaf49e4fbf3cf9
SHA256

29e147a6c6cee9512858286552ae641eecc45e9fb83a67554ba0a42487b31352
SHA512

a90ac8c49686cb72f89d1f7ebfd15142cd2ec8740ab146d9d208b0fe93b2ff3bf4e0492a2ea6326202889230c1ced8198356dc7cc376e6187f22578026b17bb1
SSDEEP

1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNieRpp:vCjsIOtEvwDpj5H8zPM

Score

7^/10

Malware Config

Targets

- Target
  
  b3f7a0d4ebb387_JC.exe
- Size
  
  87KB
- MD5
  
  b3f7a0d4ebb387185e4f7d1cb4607cf3
- SHA1
  
  b7a3f4902cb56e7f0513582983eaf49e4fbf3cf9
- SHA256
  
  29e147a6c6cee9512858286552ae641eecc45e9fb83a67554ba0a42487b31352
- SHA512
  
  a90ac8c49686cb72f89d1f7ebfd15142cd2ec8740ab146d9d208b0fe93b2ff3bf4e0492a2ea6326202889230c1ced8198356dc7cc376e6187f22578026b17bb1
- SSDEEP
  
  1536:vj+jsMQMOtEvwDpj5H8u8rBN6nqEZNieRpp:vCjsIOtEvwDpj5H8zPM
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2