e19e92308a0f36cf3de48aba6d968d47e1776105622c47481c20c76600ac4af9 | Triage

Sharing

General

Target

c2366c6bdbe1cf73d9a5143bdfb174be_JC.exe
Size

124KB
Sample

231010-1ffmcsce6y
MD5

c2366c6bdbe1cf73d9a5143bdfb174be
SHA1

af6d1f0615d206a1cf5924d35ed39c581e2b498a
SHA256

e19e92308a0f36cf3de48aba6d968d47e1776105622c47481c20c76600ac4af9
SHA512

d1cacab1421573dc360cf4d4e4bc3a5045f7e840b94b76b71734f7e81414449440b31de367ad9df04a34642ecc20d87b8f0913d5a23558ceb5edae1bdfcb2b9b
SSDEEP

3072:a27TcK5uQxqTvCIDw0x+G3dF/Ytq7xIpNelN:/cguamrL/v7xIpNiN

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c2366c6bdbe1cf73d9a5143bdfb174be_JC.exe
- Size
  
  124KB
- MD5
  
  c2366c6bdbe1cf73d9a5143bdfb174be
- SHA1
  
  af6d1f0615d206a1cf5924d35ed39c581e2b498a
- SHA256
  
  e19e92308a0f36cf3de48aba6d968d47e1776105622c47481c20c76600ac4af9
- SHA512
  
  d1cacab1421573dc360cf4d4e4bc3a5045f7e840b94b76b71734f7e81414449440b31de367ad9df04a34642ecc20d87b8f0913d5a23558ceb5edae1bdfcb2b9b
- SSDEEP
  
  3072:a27TcK5uQxqTvCIDw0x+G3dF/Ytq7xIpNelN:/cguamrL/v7xIpNiN
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Checks for any installed AV software in registry
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2