971b2771cd73dae05f56e5a6d5053a8cbe1fc60b0cab90da3d80376a90fbba8e | Triage

Sharing

General

Target

971b2771cd73dae05f56e5a6d5053a8cbe1fc60b0cab90da3d80376a90fbba8e
Size

1.1MB
Sample

240523-crebnsac3v
MD5

0f43ff66f607dfa1a624abe9d9caf525
SHA1

9cd5da59d585e1f4f3b3bb3ae97838479f56eb3f
SHA256

971b2771cd73dae05f56e5a6d5053a8cbe1fc60b0cab90da3d80376a90fbba8e
SHA512

d2b95bf16da4b1f1f772014a0f218eabb3b444e82473e6e610c56c24664166f2a3b743f718dae1fa0e0b6199e204b16c5204b358188b9a51c753a388660396bf
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qd:CcaClSFlG4ZM7QzMm

Score

7^/10

Malware Config

Targets

- Target
  
  971b2771cd73dae05f56e5a6d5053a8cbe1fc60b0cab90da3d80376a90fbba8e
- Size
  
  1.1MB
- MD5
  
  0f43ff66f607dfa1a624abe9d9caf525
- SHA1
  
  9cd5da59d585e1f4f3b3bb3ae97838479f56eb3f
- SHA256
  
  971b2771cd73dae05f56e5a6d5053a8cbe1fc60b0cab90da3d80376a90fbba8e
- SHA512
  
  d2b95bf16da4b1f1f772014a0f218eabb3b444e82473e6e610c56c24664166f2a3b743f718dae1fa0e0b6199e204b16c5204b358188b9a51c753a388660396bf
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qd:CcaClSFlG4ZM7QzMm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2