cf012ec8f7bc81f97692912b4962914d941f25cff2358674bd52a8ddd03b22bc | Triage

Submit
Reports

Overview

overview

7

Static

static

4

Coffalyser.Net.zip

windows10-2004-x64

7

Coffalyser.Net.msi

windows10-2004-x64

6

setup.exe

windows10-2004-x64

7

Sharing

General

Target

Coffalyser.Net.zip
Size

6.6MB
Sample

240426-f97mqaad86
MD5

bdf2133ed0094dc3bef1c1ad2b8b3fd9
SHA1

e564a09e8f6c6a8ad515cd63f1fe76e92be7f43f
SHA256

cf012ec8f7bc81f97692912b4962914d941f25cff2358674bd52a8ddd03b22bc
SHA512

9590952005cdd1123eed8e790fd7a78d039e0c282ad53a8d5038ced10007d353d9bbf714b73ce2f08af807b55307a5fc5765a93b1f71ecacb4763bf566db5f09
SSDEEP

196608:PUHo8U517s/uN9db+QmoBHywxhMQum4bb39e8wv:PUq517XN9BRMQuRRc

Score

7^/10

link pdf

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Coffalyser.Net.zip

Resource

win10v2004-20240412-en

windows10-2004-x64

13 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Coffalyser.Net.msi

Resource

win10v2004-20240412-en

windows10-2004-x64

5 signatures

1800 seconds

Behavioral task

behavioral3

Sample

setup.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

7 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Coffalyser.Net.zip
- Size
  
  6.6MB
- MD5
  
  bdf2133ed0094dc3bef1c1ad2b8b3fd9
- SHA1
  
  e564a09e8f6c6a8ad515cd63f1fe76e92be7f43f
- SHA256
  
  cf012ec8f7bc81f97692912b4962914d941f25cff2358674bd52a8ddd03b22bc
- SHA512
  
  9590952005cdd1123eed8e790fd7a78d039e0c282ad53a8d5038ced10007d353d9bbf714b73ce2f08af807b55307a5fc5765a93b1f71ecacb4763bf566db5f09
- SSDEEP
  
  196608:PUHo8U517s/uN9db+QmoBHywxhMQum4bb39e8wv:PUq517XN9BRMQuRRc
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1
- Target
  
  Coffalyser.Net.msi
- Size
  
  3.5MB
- MD5
  
  addd9d4f6f554012abd98b0cfaeeefe6
- SHA1
  
  3c05dc5ef8f3c29d85d6c31aad5d57377660660e
- SHA256
  
  d15a9c675609d588840194282816c6e62446d4d7d9f581132b16018298d12c9d
- SHA512
  
  5fb20470cf8b9e0ca195c8d5b8180b41ed60f9b503aee9330197b5f9a8421501adf941c9c18ec8506dd8896b7f19fe3ddbd54b568c9e4e520e3c9cd1ea53dc58
- SSDEEP
  
  98304:rmYic5MtlBioDDzgzvOMGQxqRMRCLDzOnZbqk1GrdS2gQM:5iqMkoDDzgSeq1DWegQ
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral2
- Target
  
  setup.exe
- Size
  
  551KB
- MD5
  
  a6bfd232cd3f026cc10d2d7597007e2e
- SHA1
  
  5d5d89ab30246607f5de4b16261bc979ec326b61
- SHA256
  
  71d5516b46e73e7ce162aab263f02e12a45491f9f6877ddfba0ff4955515abc9
- SHA512
  
  3ba12250612a5fec2693bd7ed590342270d1af66fb499f6857d435b3ece6c766b76cfc80325627f1cb2deaa78a269a9da290182549467f46bf47f76a4f951829
- SSDEEP
  
  12288:4kJP0dKY+GshK6UTJUI72dW8eMb01JQntLOCMGle:4bdKJGnUIN8emMGA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2024

Terms | Privacy