b43596d5a955b11ebd7dd3fae2858419ddb1b9c6a40264a78b207d3081248a99 | Triage

Sharing

General

Target

cfb48e49bd464f09c5b3563c3f3d81ef.bin
Size

36KB
Sample

240329-efyx2shb4t
MD5

cfb48e49bd464f09c5b3563c3f3d81ef
SHA1

cbc19f1ae78498a3944781b565ff06af647ec09b
SHA256

b43596d5a955b11ebd7dd3fae2858419ddb1b9c6a40264a78b207d3081248a99
SHA512

ec815c159d03a509356421fe52698096ec799990ceccf2d035025ca66d3bf07b149e72ada8149e96edb134161a6b400067531d21964e70f9518870c4f12c8994
SSDEEP

384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8Iujdxy:b/yC4GyNM01GuQMNXw2PSj1Pqq8By

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  cfb48e49bd464f09c5b3563c3f3d81ef.bin
- Size
  
  36KB
- MD5
  
  cfb48e49bd464f09c5b3563c3f3d81ef
- SHA1
  
  cbc19f1ae78498a3944781b565ff06af647ec09b
- SHA256
  
  b43596d5a955b11ebd7dd3fae2858419ddb1b9c6a40264a78b207d3081248a99
- SHA512
  
  ec815c159d03a509356421fe52698096ec799990ceccf2d035025ca66d3bf07b149e72ada8149e96edb134161a6b400067531d21964e70f9518870c4f12c8994
- SSDEEP
  
  384:bM7Q0pjC4GybxMv01d3AcASBQMf6i/zzzcYgUPSzn1KkZCb9q8Iujdxy:b/yC4GyNM01GuQMNXw2PSj1Pqq8By
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2