cfb14ad8591be82092334fb7278b0955b7194f27788316518568fe52f4d762e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfb14ad8591be82092334fb7278b0955b7194f27788316518568fe52f4d762e9
Size

1.1MB
Sample

240929-zz3essvdjh
MD5

b0d3378fe4d4a45081a8d666cfa77381
SHA1

c7406024360954b6552c802e0077327bf2c3f17e
SHA256

cfb14ad8591be82092334fb7278b0955b7194f27788316518568fe52f4d762e9
SHA512

6c6b23132da444917d2671cd47ffab1cee3d822720ebc77d7df7de62e177dbc815746347f7a01cd49f5fd97075316de7c154aece0d466a85a314254a91f5d741
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QA:acallSllG4ZM7QzMn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  cfb14ad8591be82092334fb7278b0955b7194f27788316518568fe52f4d762e9
- Size
  
  1.1MB
- MD5
  
  b0d3378fe4d4a45081a8d666cfa77381
- SHA1
  
  c7406024360954b6552c802e0077327bf2c3f17e
- SHA256
  
  cfb14ad8591be82092334fb7278b0955b7194f27788316518568fe52f4d762e9
- SHA512
  
  6c6b23132da444917d2671cd47ffab1cee3d822720ebc77d7df7de62e177dbc815746347f7a01cd49f5fd97075316de7c154aece0d466a85a314254a91f5d741
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QA:acallSllG4ZM7QzMn
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2