caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc
Size

1.7MB
Sample

240612-pw833avfma
MD5

2dcf1f91fefdb56f5e52ff08ef87f892
SHA1

cb023705f10d1dc2ea8e8bd6098c3fb5c221ffd5
SHA256

caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc
SHA512

f08056d570a34ee444c6e04d0d8a72113476397a98d41b9a9e27aefdaa5f3b2d891f574c327054b166ec2f2d4b700d7441b2c0ed3864a416dc40e8046618c860
SSDEEP

24576:NXBA8669k5kxJjl9hqlGV77JH6q/eC8C1QDpMOeTS8z1HCICgqwfN/V:FBA86ck5kxptE4Nz8eTDz1iIhNd

Score

7^/10

Malware Config

Targets

- Target
  
  caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc
- Size
  
  1.7MB
- MD5
  
  2dcf1f91fefdb56f5e52ff08ef87f892
- SHA1
  
  cb023705f10d1dc2ea8e8bd6098c3fb5c221ffd5
- SHA256
  
  caaff78729b94263f1971062f120aabb1c93019b4c870e88a27225bf6b0925fc
- SHA512
  
  f08056d570a34ee444c6e04d0d8a72113476397a98d41b9a9e27aefdaa5f3b2d891f574c327054b166ec2f2d4b700d7441b2c0ed3864a416dc40e8046618c860
- SSDEEP
  
  24576:NXBA8669k5kxJjl9hqlGV77JH6q/eC8C1QDpMOeTS8z1HCICgqwfN/V:FBA86ck5kxptE4Nz8eTDz1iIhNd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2