0c65fded3bcb7fcccbad3371d0d2a984d08aa727fd922c2eb4b9faad9bcdb0f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c65fded3bcb7fcccbad3371d0d2a984d08aa727fd922c2eb4b9faad9bcdb0f7
Size

1.1MB
Sample

240913-ym8klswdmd
MD5

b0f1b4f9ea9ac79ac795e3bd326c47f7
SHA1

b5bcc3501f103fe2f44704f4ea42e4c0992db3a1
SHA256

0c65fded3bcb7fcccbad3371d0d2a984d08aa727fd922c2eb4b9faad9bcdb0f7
SHA512

d051156c28f2065b36b5aff0007739f72e1e8e972040cdc62188b80e4e6fbb41eda5585d2bb6a808aaabeac9d06dd5302e00358731141526a1e783d603f47201
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qb:CcaClSFlG4ZM7QzMc

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0c65fded3bcb7fcccbad3371d0d2a984d08aa727fd922c2eb4b9faad9bcdb0f7
- Size
  
  1.1MB
- MD5
  
  b0f1b4f9ea9ac79ac795e3bd326c47f7
- SHA1
  
  b5bcc3501f103fe2f44704f4ea42e4c0992db3a1
- SHA256
  
  0c65fded3bcb7fcccbad3371d0d2a984d08aa727fd922c2eb4b9faad9bcdb0f7
- SHA512
  
  d051156c28f2065b36b5aff0007739f72e1e8e972040cdc62188b80e4e6fbb41eda5585d2bb6a808aaabeac9d06dd5302e00358731141526a1e783d603f47201
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qb:CcaClSFlG4ZM7QzMc
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2