c9b2cd2b4e74a523171f25efea6f79d5126cd6988e7a8ed5bb791e14e6d3b510 | Triage

Sharing

General

Target

c9b2cd2b4e74a523171f25efea6f79d5126cd6988e7a8ed5bb791e14e6d3b510
Size

1.1MB
Sample

240525-ydek6sfg4t
MD5

c4ed985cca6e8f1352a7f9c1cca21b01
SHA1

04a054cff46c717a120d3a120c994e098c598f89
SHA256

c9b2cd2b4e74a523171f25efea6f79d5126cd6988e7a8ed5bb791e14e6d3b510
SHA512

5b21e26d2a1e320f785abb22910d1760b42a7074ce5a5d9ceced48a4bcbd1fd85b7678ee911a1a11c3e7e26448bb1f45a986e1841b693773b1a50bce1b65de3a
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QS:acallSllG4ZM7QzMB

Score

7^/10

Malware Config

Targets

- Target
  
  c9b2cd2b4e74a523171f25efea6f79d5126cd6988e7a8ed5bb791e14e6d3b510
- Size
  
  1.1MB
- MD5
  
  c4ed985cca6e8f1352a7f9c1cca21b01
- SHA1
  
  04a054cff46c717a120d3a120c994e098c598f89
- SHA256
  
  c9b2cd2b4e74a523171f25efea6f79d5126cd6988e7a8ed5bb791e14e6d3b510
- SHA512
  
  5b21e26d2a1e320f785abb22910d1760b42a7074ce5a5d9ceced48a4bcbd1fd85b7678ee911a1a11c3e7e26448bb1f45a986e1841b693773b1a50bce1b65de3a
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QS:acallSllG4ZM7QzMB
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2