cb4bfb47003d89e2efe3fe4c9d1274daab06de5ed1925e95b65cdb037c6e3eee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb4bfb47003d89e2efe3fe4c9d1274daab06de5ed1925e95b65cdb037c6e3eee
Size

224KB
Sample

240507-brkm1sfa26
MD5

d0731a96d4163c9f8945dcd15700d422
SHA1

80b360fa30bf9f014414247fb9b5479e23f8816e
SHA256

cb4bfb47003d89e2efe3fe4c9d1274daab06de5ed1925e95b65cdb037c6e3eee
SHA512

a4e9a570b054774afaa774782242fe42a877d01126145f409797368c543148eccbab571eb6b481c79465bfb567275bb786a0faa33cf6e8636ff5db50cef22df6
SSDEEP

3072:Gw8KFC7j7hCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:GwxFCH7AYcD6Kad

Score

7^/10

Malware Config

Targets

- Target
  
  cb4bfb47003d89e2efe3fe4c9d1274daab06de5ed1925e95b65cdb037c6e3eee
- Size
  
  224KB
- MD5
  
  d0731a96d4163c9f8945dcd15700d422
- SHA1
  
  80b360fa30bf9f014414247fb9b5479e23f8816e
- SHA256
  
  cb4bfb47003d89e2efe3fe4c9d1274daab06de5ed1925e95b65cdb037c6e3eee
- SHA512
  
  a4e9a570b054774afaa774782242fe42a877d01126145f409797368c543148eccbab571eb6b481c79465bfb567275bb786a0faa33cf6e8636ff5db50cef22df6
- SSDEEP
  
  3072:Gw8KFC7j7hCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:GwxFCH7AYcD6Kad
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2