6532f323bbb6da41ee57f3712ba6bb722bacb4fd7181cae8937ed8cdc5f7f6a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cf04dcf0468484eb769a46366532e39
Size

3.4MB
Sample

231230-dzxzescaap
MD5

0cf04dcf0468484eb769a46366532e39
SHA1

1a15610c2a65674fa316c827eb61d1861b60862d
SHA256

6532f323bbb6da41ee57f3712ba6bb722bacb4fd7181cae8937ed8cdc5f7f6a2
SHA512

dff0ba2633b83e46dfe3e214d097b017d9e6f6e85b02d542987dd15cd9e35b33af8ffc300e0d82bc2044f6ff37fbb501d5cc6c5f4bed47a618e8ac7da251c339
SSDEEP

98304:Z41B5Wg+wAAbq0QOKrD8snUoVYoxkkG2:Z+B4GOOKcUUFP52

Score

8^/10

Malware Config

Targets

- Target
  
  0cf04dcf0468484eb769a46366532e39
- Size
  
  3.4MB
- MD5
  
  0cf04dcf0468484eb769a46366532e39
- SHA1
  
  1a15610c2a65674fa316c827eb61d1861b60862d
- SHA256
  
  6532f323bbb6da41ee57f3712ba6bb722bacb4fd7181cae8937ed8cdc5f7f6a2
- SHA512
  
  dff0ba2633b83e46dfe3e214d097b017d9e6f6e85b02d542987dd15cd9e35b33af8ffc300e0d82bc2044f6ff37fbb501d5cc6c5f4bed47a618e8ac7da251c339
- SSDEEP
  
  98304:Z41B5Wg+wAAbq0QOKrD8snUoVYoxkkG2:Z+B4GOOKcUUFP52
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2