9d834e675f206e961bcf9ace6507b2b6bf2a3b7b1b5a03fd6b771046e603a4d7 | Triage

Sharing

General

Target

faedf8bcd08ab56558cb4bfd32d8d47e_JC.exe
Size

873KB
Sample

231011-2bfbgaga9x
MD5

faedf8bcd08ab56558cb4bfd32d8d47e
SHA1

b1599ed21234519b9d0ccc3a54075cda700b92bd
SHA256

9d834e675f206e961bcf9ace6507b2b6bf2a3b7b1b5a03fd6b771046e603a4d7
SHA512

d231e1fe656e54c89afa6944788839f541f51f6e515df8b6d69e9bffba63245fa953fa0215454ff5da3327f01c069d7aad1b472a771b2560544da5d647e22623
SSDEEP

12288:EMSApJVYG5lDLyjsb0eOzkv4R7QnvUUilQ35+6G75V9YPYYV/nT5V/GSL7j:EnsJ39LyjbJkQFMhmC+6GD9GVVPT7h

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  faedf8bcd08ab56558cb4bfd32d8d47e_JC.exe
- Size
  
  873KB
- MD5
  
  faedf8bcd08ab56558cb4bfd32d8d47e
- SHA1
  
  b1599ed21234519b9d0ccc3a54075cda700b92bd
- SHA256
  
  9d834e675f206e961bcf9ace6507b2b6bf2a3b7b1b5a03fd6b771046e603a4d7
- SHA512
  
  d231e1fe656e54c89afa6944788839f541f51f6e515df8b6d69e9bffba63245fa953fa0215454ff5da3327f01c069d7aad1b472a771b2560544da5d647e22623
- SSDEEP
  
  12288:EMSApJVYG5lDLyjsb0eOzkv4R7QnvUUilQ35+6G75V9YPYYV/nT5V/GSL7j:EnsJ39LyjbJkQFMhmC+6GD9GVVPT7h
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2