b7ca0af6ebb94b8c93f63594b25bdde0799ae28ffd07b6b96ffe65f174f5b68e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7ca0af6ebb94b8c93f63594b25bdde0799ae28ffd07b6b96ffe65f174f5b68e
Size

1.1MB
Sample

240825-brtkxs1arf
MD5

0a7562f6cc3849738a02f4994808df78
SHA1

fd3d595c16b2529a5e62adcd9261d0f039e67b47
SHA256

b7ca0af6ebb94b8c93f63594b25bdde0799ae28ffd07b6b96ffe65f174f5b68e
SHA512

aa1626a5cf8b048beb1fda0058064d99c5f4039285fef6d041d96f23e5754b601553870a32a225b02d2949f40ba2fe87d9f38b1e9232e75b73d2303356699096
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qu:CcaClSFlG4ZM7QzM1

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  b7ca0af6ebb94b8c93f63594b25bdde0799ae28ffd07b6b96ffe65f174f5b68e
- Size
  
  1.1MB
- MD5
  
  0a7562f6cc3849738a02f4994808df78
- SHA1
  
  fd3d595c16b2529a5e62adcd9261d0f039e67b47
- SHA256
  
  b7ca0af6ebb94b8c93f63594b25bdde0799ae28ffd07b6b96ffe65f174f5b68e
- SHA512
  
  aa1626a5cf8b048beb1fda0058064d99c5f4039285fef6d041d96f23e5754b601553870a32a225b02d2949f40ba2fe87d9f38b1e9232e75b73d2303356699096
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qu:CcaClSFlG4ZM7QzM1
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2