fb6c66afee480eac1225f803d1890abe5c11bd84c0037bcef64a24f5549bd9af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb6c66afee480eac1225f803d1890abe5c11bd84c0037bcef64a24f5549bd9af
Size

1.7MB
Sample

231012-f4j98shf71
MD5

8c7b3a9ca83c08bc24837572034f7ddb
SHA1

bda6d0b4d0e79a303ce95ac76e953a80edb7eab0
SHA256

fb6c66afee480eac1225f803d1890abe5c11bd84c0037bcef64a24f5549bd9af
SHA512

83cbecb1d0735e082efb04cb2916977eaf735b78cd55a1898f34ef2908be980e591246a5de7dc189322b5fffe5534071e1cf84b6d1b2b13af3cfd849722e00d9
SSDEEP

24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV

Score

7^/10

Malware Config

Targets

- Target
  
  fb6c66afee480eac1225f803d1890abe5c11bd84c0037bcef64a24f5549bd9af
- Size
  
  1.7MB
- MD5
  
  8c7b3a9ca83c08bc24837572034f7ddb
- SHA1
  
  bda6d0b4d0e79a303ce95ac76e953a80edb7eab0
- SHA256
  
  fb6c66afee480eac1225f803d1890abe5c11bd84c0037bcef64a24f5549bd9af
- SHA512
  
  83cbecb1d0735e082efb04cb2916977eaf735b78cd55a1898f34ef2908be980e591246a5de7dc189322b5fffe5534071e1cf84b6d1b2b13af3cfd849722e00d9
- SSDEEP
  
  24576:rQa+rRep38knZGbO4oFya8ZbRxaiXvnEc3Suvb7sNPwEFfTPCRi4Vz:rZ+rRe3zn4ioa8ZbRMiXO07sNPwERWV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2