8d5026a1e35e0f048ac104618d97933a79f0a858fcb00e99853ef324c72b331d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c0bd9478b1a0e77b07220d7015ceca0_JC.exe
Size

521KB
Sample

231001-nphf4abg42
MD5

1c0bd9478b1a0e77b07220d7015ceca0
SHA1

51d2149194b19fb713d2a419976fdeca254cb4f6
SHA256

8d5026a1e35e0f048ac104618d97933a79f0a858fcb00e99853ef324c72b331d
SHA512

e685c1d71c00bc046a536214b1db43057b828ca35f583641958cfa5d7a879750f9777d77059f385550c67ec714d07299df0d8c561ad658cf0d51921edb55b9bf
SSDEEP

3072:pCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxm:pqDAwl0xPTMiR9JSSxPUKYGdodH5

Score

7^/10

Malware Config

Targets

- Target
  
  1c0bd9478b1a0e77b07220d7015ceca0_JC.exe
- Size
  
  521KB
- MD5
  
  1c0bd9478b1a0e77b07220d7015ceca0
- SHA1
  
  51d2149194b19fb713d2a419976fdeca254cb4f6
- SHA256
  
  8d5026a1e35e0f048ac104618d97933a79f0a858fcb00e99853ef324c72b331d
- SHA512
  
  e685c1d71c00bc046a536214b1db43057b828ca35f583641958cfa5d7a879750f9777d77059f385550c67ec714d07299df0d8c561ad658cf0d51921edb55b9bf
- SSDEEP
  
  3072:pCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxm:pqDAwl0xPTMiR9JSSxPUKYGdodH5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2