76465863089ece91dfcafbcf35b4129659eee5bb53ac9a9add3b95c77c9022fc | Triage

Sharing

General

Target

0c648321522607509014810fa9850703.bin
Size

2.5MB
Sample

231117-bevbpacf46
MD5

0c648321522607509014810fa9850703
SHA1

637691d6383617223d3e560dca72cb47cd9df0e8
SHA256

76465863089ece91dfcafbcf35b4129659eee5bb53ac9a9add3b95c77c9022fc
SHA512

e9476fecdaafb141e77500878c2f5503a19ca810ffa5cf5bccf28599242f7a32021ea840aac7d174a3fff4d64131aca3ac9779b2b6f8cc96301befa55b15ed2f
SSDEEP

49152:Co5P6mI0jX9MTqoQQzLrk3PxbFszLJpRgmjXB2LtBasOrlSi0GTIzVIBDwN3CX/T:Co5RM5zc3PxezrjXM+skSqIqeNK

Score

8^/10

Malware Config

Targets

- Target
  
  0c648321522607509014810fa9850703.bin
- Size
  
  2.5MB
- MD5
  
  0c648321522607509014810fa9850703
- SHA1
  
  637691d6383617223d3e560dca72cb47cd9df0e8
- SHA256
  
  76465863089ece91dfcafbcf35b4129659eee5bb53ac9a9add3b95c77c9022fc
- SHA512
  
  e9476fecdaafb141e77500878c2f5503a19ca810ffa5cf5bccf28599242f7a32021ea840aac7d174a3fff4d64131aca3ac9779b2b6f8cc96301befa55b15ed2f
- SSDEEP
  
  49152:Co5P6mI0jX9MTqoQQzLrk3PxbFszLJpRgmjXB2LtBasOrlSi0GTIzVIBDwN3CX/T:Co5RM5zc3PxezrjXM+skSqIqeNK
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2