6fc81134bdc16bd0dabd6e04be385f477d961f6487adaa69e187f57dfaeb3660 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fc81134bdc16bd0dabd6e04be385f477d961f6487adaa69e187f57dfaeb3660
Size

1.1MB
Sample

240525-1lrxksca82
MD5

7e81a9cd62cf4f99e0a3c7332bc789a6
SHA1

d062d8499d6a59864f1b26b151a5af94db5cc523
SHA256

6fc81134bdc16bd0dabd6e04be385f477d961f6487adaa69e187f57dfaeb3660
SHA512

3fbdaf0955cee5adc6793ac1a7ca7fe7197f3a8560015e92aba057987dd8e2abd8118b4f6805957ba1a750a254f4bd3684ae2f4413c1414b2c19fb9021cb7db8
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qy:CcaClSFlG4ZM7QzMR

Score

7^/10

Malware Config

Targets

- Target
  
  6fc81134bdc16bd0dabd6e04be385f477d961f6487adaa69e187f57dfaeb3660
- Size
  
  1.1MB
- MD5
  
  7e81a9cd62cf4f99e0a3c7332bc789a6
- SHA1
  
  d062d8499d6a59864f1b26b151a5af94db5cc523
- SHA256
  
  6fc81134bdc16bd0dabd6e04be385f477d961f6487adaa69e187f57dfaeb3660
- SHA512
  
  3fbdaf0955cee5adc6793ac1a7ca7fe7197f3a8560015e92aba057987dd8e2abd8118b4f6805957ba1a750a254f4bd3684ae2f4413c1414b2c19fb9021cb7db8
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qy:CcaClSFlG4ZM7QzMR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2