c0f1fcf51e692ff417adead33da7b06e764ec5c4a9907b364fa86feef6bdfbe9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0f1fcf51e692ff417adead33da7b06e764ec5c4a9907b364fa86feef6bdfbe9
Size

28KB
Sample

240612-eeah3azfrc
MD5

671e6b2dda7ae10ffec7796d73abae8d
SHA1

4e10b5d76bebaa5aa8a7903028619264f0a706d6
SHA256

c0f1fcf51e692ff417adead33da7b06e764ec5c4a9907b364fa86feef6bdfbe9
SHA512

23243e6590a245f314e30abdd4fc0d4bc088eccf101cce82c1e03635a28de8df0298356c4748e66c147a53d11d59d93a6588bd3a12969cdd4c295d416a4e2f6a
SSDEEP

384:pfYXCqgQ0YuuclmIt13vfdHldhwLGEGS+OGa0MPKS:hmCeXuucVt13vfdHldhwyE7+OGa0MiS

Score

7^/10

Malware Config

Targets

- Target
  
  c0f1fcf51e692ff417adead33da7b06e764ec5c4a9907b364fa86feef6bdfbe9
- Size
  
  28KB
- MD5
  
  671e6b2dda7ae10ffec7796d73abae8d
- SHA1
  
  4e10b5d76bebaa5aa8a7903028619264f0a706d6
- SHA256
  
  c0f1fcf51e692ff417adead33da7b06e764ec5c4a9907b364fa86feef6bdfbe9
- SHA512
  
  23243e6590a245f314e30abdd4fc0d4bc088eccf101cce82c1e03635a28de8df0298356c4748e66c147a53d11d59d93a6588bd3a12969cdd4c295d416a4e2f6a
- SSDEEP
  
  384:pfYXCqgQ0YuuclmIt13vfdHldhwLGEGS+OGa0MPKS:hmCeXuucVt13vfdHldhwyE7+OGa0MiS
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2