db8a4d2b870cbc5581ee7971bde83d8505095263b6bc6d62e9ad22f26ec66ad2 | Triage

Sharing

General

Target

DFS9.exe
Size

816KB
Sample

231012-l42r6seb45
MD5

8ccc540e621dbd594a250602be782beb
SHA1

5c937ce065b74f772dc890f3b326de1db4d722f7
SHA256

db8a4d2b870cbc5581ee7971bde83d8505095263b6bc6d62e9ad22f26ec66ad2
SHA512

d36b40293e30459256e475de0681774c9106def34705d5452b8ce08d03c8cbcb317d0d0bd42085dfd90a7b5c253fd5af2823bafa26d6f9389bfe3eaf4da35062
SSDEEP

24576:CyLXbx9+HdsAMHztfuC56GhZh4Z7CMF33C:CyLXdhAMHoCJhZ2Z7RF33C

Score

7^/10

Malware Config

Targets

- Target
  
  DFS9.exe
- Size
  
  816KB
- MD5
  
  8ccc540e621dbd594a250602be782beb
- SHA1
  
  5c937ce065b74f772dc890f3b326de1db4d722f7
- SHA256
  
  db8a4d2b870cbc5581ee7971bde83d8505095263b6bc6d62e9ad22f26ec66ad2
- SHA512
  
  d36b40293e30459256e475de0681774c9106def34705d5452b8ce08d03c8cbcb317d0d0bd42085dfd90a7b5c253fd5af2823bafa26d6f9389bfe3eaf4da35062
- SSDEEP
  
  24576:CyLXbx9+HdsAMHztfuC56GhZh4Z7CMF33C:CyLXdhAMHoCJhZ2Z7RF33C
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2