5ca84cf244f7188989c6ec0f1651d3fb1782c54c72f3b0036c8aebbfec018f5c | Triage

Sharing

General

Target

5ca84cf244f7188989c6ec0f1651d3fb1782c54c72f3b0036c8aebbfec018f5c
Size

1.1MB
Sample

240521-sp351sac8s
MD5

5e671b506290f309a6f0e29264942fca
SHA1

de6cf98dc4d09d1eb3b60d83125f146af5311847
SHA256

5ca84cf244f7188989c6ec0f1651d3fb1782c54c72f3b0036c8aebbfec018f5c
SHA512

df5640e5897a6a7b016327fc3d2ce9ca196592b779fd1d3d6b377ad594e395af36185f66215cad9dadde67ddad8f369c0c6628c97adb9bc310a15bc08b9ddad0
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QM:acallSllG4ZM7QzML

Score

7^/10

Malware Config

Targets

- Target
  
  5ca84cf244f7188989c6ec0f1651d3fb1782c54c72f3b0036c8aebbfec018f5c
- Size
  
  1.1MB
- MD5
  
  5e671b506290f309a6f0e29264942fca
- SHA1
  
  de6cf98dc4d09d1eb3b60d83125f146af5311847
- SHA256
  
  5ca84cf244f7188989c6ec0f1651d3fb1782c54c72f3b0036c8aebbfec018f5c
- SHA512
  
  df5640e5897a6a7b016327fc3d2ce9ca196592b779fd1d3d6b377ad594e395af36185f66215cad9dadde67ddad8f369c0c6628c97adb9bc310a15bc08b9ddad0
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QM:acallSllG4ZM7QzML
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2