9be24b5620f91a390cec4c24d6b418366c6cb917f81d4fcb39ac1b7dafe7f5b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c017d2c8dfd86a9534fa7314d2f1f46
Size

294KB
Sample

231230-c6sgvaecam
MD5

0c017d2c8dfd86a9534fa7314d2f1f46
SHA1

2c3acea2d0b5b953f58696a776e8bbd11dfcb7f6
SHA256

9be24b5620f91a390cec4c24d6b418366c6cb917f81d4fcb39ac1b7dafe7f5b3
SHA512

3f0c2a9f6cd7ad4eb5c821d297d46946394bb2f900478b56da4214515c24cc37b05cd6e3f859187cebb5146068f52b64b29d4961e2f52ea2180e22670e32b7e7
SSDEEP

6144:Mlxlt7b8pljdSaqYBZamRM8wGoGQW8ErbSDO1Wz/Y/NYVu:2x37b8pGarBl9wtGQYvST8/V

Score

7^/10

Malware Config

Targets

- Target
  
  0c017d2c8dfd86a9534fa7314d2f1f46
- Size
  
  294KB
- MD5
  
  0c017d2c8dfd86a9534fa7314d2f1f46
- SHA1
  
  2c3acea2d0b5b953f58696a776e8bbd11dfcb7f6
- SHA256
  
  9be24b5620f91a390cec4c24d6b418366c6cb917f81d4fcb39ac1b7dafe7f5b3
- SHA512
  
  3f0c2a9f6cd7ad4eb5c821d297d46946394bb2f900478b56da4214515c24cc37b05cd6e3f859187cebb5146068f52b64b29d4961e2f52ea2180e22670e32b7e7
- SSDEEP
  
  6144:Mlxlt7b8pljdSaqYBZamRM8wGoGQW8ErbSDO1Wz/Y/NYVu:2x37b8pGarBl9wtGQYvST8/V
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2