c4923cd0534a46278c8467c3e6cb139ae44fb8a0d3b3e567bf80dad94ad605e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4923cd0534a46278c8467c3e6cb139ae44fb8a0d3b3e567bf80dad94ad605e7_JC.rar
Size

4.3MB
Sample

231014-awqjdsfh71
MD5

0d5a8a8f51eda9d7fecaba1d27d4ba54
SHA1

5a192478cd3fb669976bdd567e3e80d9565fb172
SHA256

c4923cd0534a46278c8467c3e6cb139ae44fb8a0d3b3e567bf80dad94ad605e7
SHA512

f8aaaf0fc94a169c9d21d45d6c2d4e024b0bf3a95309e3daaf2d90eb43e7da20545fe3ee0979242675cef7f25b898222c9af3e6b90eecb3cf63459a8e8ab1ef8
SSDEEP

98304:CGiXTSTu+Gl+o1miqI8rEN2UKUZnlVQ2X50o+7Dw+vcfVIQUZnlVQ2X50o+7DA+D:CZSTu+GDjB8oN7le25+7D74Sle25+7Dn

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  ISSetup.dll
- Size
  
  773KB
- MD5
  
  a17a7931b3524d05253c5aa3d06fd364
- SHA1
  
  f8fdbf930d7d4178f464c0e5f9dc3ae510760747
- SHA256
  
  36a641a6639d6e64bba621ef1b7c1ec69be52a53a9168be2a8a50ee1c0394e8c
- SHA512
  
  32aba57d57b1d664aa9023ed249a59c797f92ec4a966de7499f91f05f9b0242ccc75b44dc7ef9d3962bc7d7232fc7f30a95ce890f4ac41b369c6252b117849a8
- SSDEEP
  
  12288:ju4+8dmpdCVCkg2jLX5aCRIOMK9Ji0BHY5MqZ9BpD1CsXyibT9JHW:juegpcVCgjr5aCBHH69RCG72
Score

1^/10
behavioral1 behavioral2
- Target
  
  Install Updater (silent).hta
- Size
  
  1.3MB
- MD5
  
  1d79ae342a84393e3b52a239e48e25db
- SHA1
  
  4aaa0e4a1f56df8c163ed051e4ba140984748a31
- SHA256
  
  deef9b58009eedec781267660e50de1ae404656d0d4b556feead857cd94b8156
- SHA512
  
  340407374ef1ad16da7374f123b8f7dd0c5aedb24bce2d36a904d4385328b7b6a31729a8409d67795baff9a3832d3a48712c8e6cc32b6db8117371d227cc7f4a
- SSDEEP
  
  6144:tkDlvmcFdKukb08m+dQx/EIAJyZffYISZ/:vZ/
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4
- Target
  
  important/AsusSetup.exe
- Size
  
  3.5MB
- MD5
  
  a547de1f9045f898f0343b587a83dee2
- SHA1
  
  fe92740da99492b7cedfaa000b2be6e7b86f6c43
- SHA256
  
  e02fab50474e40135d29bab85823f715239f28e0af2e3b603536be9839a0f9c5
- SHA512
  
  deafcd51d4e2b7d1e0f7841850e58eae7da44f5e6ec31d1887ac0784e2afaabf1906aa80b5a47ebf2c6d157486d1cbe593c3025cbb1085b5bd36b473824cb925
- SSDEEP
  
  98304:3t4aYo4EQz0pscuHh3OFuLEfPrzgpkFLOAkGkzdnEVomFHKnPwJ:3BBM2vvfPrzgOFLOyomFHKnPwJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  important/ISSetup.dll
- Size
  
  773KB
- MD5
  
  a17a7931b3524d05253c5aa3d06fd364
- SHA1
  
  f8fdbf930d7d4178f464c0e5f9dc3ae510760747
- SHA256
  
  36a641a6639d6e64bba621ef1b7c1ec69be52a53a9168be2a8a50ee1c0394e8c
- SHA512
  
  32aba57d57b1d664aa9023ed249a59c797f92ec4a966de7499f91f05f9b0242ccc75b44dc7ef9d3962bc7d7232fc7f30a95ce890f4ac41b369c6252b117849a8
- SSDEEP
  
  12288:ju4+8dmpdCVCkg2jLX5aCRIOMK9Ji0BHY5MqZ9BpD1CsXyibT9JHW:juegpcVCgjr5aCBHH69RCG72
Score

1^/10
behavioral7 behavioral8
- Target
  
  important/setup.exe
- Size
  
  1.1MB
- MD5
  
  85781f3e560cd56ffdb395b90eb6c3c5
- SHA1
  
  9c79fd1c43d86e175ed0f858d24b253d402b2c58
- SHA256
  
  2bdbda22178207fe5dc4ad303e4dfbc5d01a0d52781a67933fce2c1a50dfccc1
- SHA512
  
  bb02b9531b26325f6476d64e53e91e058d1f11ddb636eea95c78a5f4aabb9a03288bc1d6d71bd0c5fa63d5232f78f1b5fc11b7ac31b754e7b7888597bbf3a2ca
- SSDEEP
  
  24576:qwV7Ct+TyBk+By4uPNB3C6llllmQlcukCoCW+R:HV7CETyBk+By4u1llllHlNneW
Score

4^/10

discovery
behavioral10 behavioral9
- Target
  
  unistall.exe
- Size
  
  1.1MB
- MD5
  
  85781f3e560cd56ffdb395b90eb6c3c5
- SHA1
  
  9c79fd1c43d86e175ed0f858d24b253d402b2c58
- SHA256
  
  2bdbda22178207fe5dc4ad303e4dfbc5d01a0d52781a67933fce2c1a50dfccc1
- SHA512
  
  bb02b9531b26325f6476d64e53e91e058d1f11ddb636eea95c78a5f4aabb9a03288bc1d6d71bd0c5fa63d5232f78f1b5fc11b7ac31b754e7b7888597bbf3a2ca
- SSDEEP
  
  24576:qwV7Ct+TyBk+By4uPNB3C6llllmQlcukCoCW+R:HV7CETyBk+By4u1llllHlNneW
Score

1^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12