85e3ad22eaa193bb05c0f2523b474bed1340984c090a9f8fae4a6d23bb0dd7e8 | Triage

Sharing

General

Target

4f18c6ca0ec71b0750ee9ed18011596c_JC.exe
Size

328KB
Sample

231012-caxfxsha2x
MD5

4f18c6ca0ec71b0750ee9ed18011596c
SHA1

9c89964751da79d90a03160ea341f2f795a0c7fd
SHA256

85e3ad22eaa193bb05c0f2523b474bed1340984c090a9f8fae4a6d23bb0dd7e8
SHA512

829bb7351a7365d66ee7281bd496d52aa41fbbd867d3841e9686f8df71a913ff931548cafdde8c2e9ea354877cf4f015f6e7c3bfb5e7f4a072b6026ca4e658c8
SSDEEP

3072:oYUb5QoJ4g+Ci9RXxKZjKIz1ZdW4SrOLVSVp9LmL58HR/u:oYESRXxKhKSZI4zLVSVpRm92R/u

Score

7^/10

Malware Config

Targets

- Target
  
  4f18c6ca0ec71b0750ee9ed18011596c_JC.exe
- Size
  
  328KB
- MD5
  
  4f18c6ca0ec71b0750ee9ed18011596c
- SHA1
  
  9c89964751da79d90a03160ea341f2f795a0c7fd
- SHA256
  
  85e3ad22eaa193bb05c0f2523b474bed1340984c090a9f8fae4a6d23bb0dd7e8
- SHA512
  
  829bb7351a7365d66ee7281bd496d52aa41fbbd867d3841e9686f8df71a913ff931548cafdde8c2e9ea354877cf4f015f6e7c3bfb5e7f4a072b6026ca4e658c8
- SSDEEP
  
  3072:oYUb5QoJ4g+Ci9RXxKZjKIz1ZdW4SrOLVSVp9LmL58HR/u:oYESRXxKhKSZI4zLVSVpRm92R/u
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2