79d88b7c267cae1846aa6bae37d1a2cf25d9cce617b7658ca305ef86a6c312af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c86abab45675140a992d0bdc6ca018e2_JC.exe
Size

610KB
Sample

231011-wpn8msfd25
MD5

c86abab45675140a992d0bdc6ca018e2
SHA1

0ec25e5d965558aafcf5b2dd0a1a0c251540dc20
SHA256

79d88b7c267cae1846aa6bae37d1a2cf25d9cce617b7658ca305ef86a6c312af
SHA512

faf55c90a82e80a87952665aaeba17c363f3b06d0d364d254f042263a54b3ca668fbed1d73087aacf0604d83cdc42a831a48ffe635ae197dd3dd9aef25b8bde8
SSDEEP

3072:iCaoAs1k1Pol0xPTM7mBCAdJSSxPUkl3ViFNdAMQTCk/dN92sdNhavtrVdewnAx+:iqDwwl0xPTMiB9JSSxPUKIWdod3Xm4

Score

7^/10

Malware Config

Targets

- Target
  
  c86abab45675140a992d0bdc6ca018e2_JC.exe
- Size
  
  610KB
- MD5
  
  c86abab45675140a992d0bdc6ca018e2
- SHA1
  
  0ec25e5d965558aafcf5b2dd0a1a0c251540dc20
- SHA256
  
  79d88b7c267cae1846aa6bae37d1a2cf25d9cce617b7658ca305ef86a6c312af
- SHA512
  
  faf55c90a82e80a87952665aaeba17c363f3b06d0d364d254f042263a54b3ca668fbed1d73087aacf0604d83cdc42a831a48ffe635ae197dd3dd9aef25b8bde8
- SSDEEP
  
  3072:iCaoAs1k1Pol0xPTM7mBCAdJSSxPUkl3ViFNdAMQTCk/dN92sdNhavtrVdewnAx+:iqDwwl0xPTMiB9JSSxPUKIWdod3Xm4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2