0cdf6756346514b686a6b9b7fa08702a115c95fcbd1ab7ba7e09e11b43d4e887 | Triage

Sharing

General

Target

0cdf6756346514b686a6b9b7fa08702a115c95fcbd1ab7ba7e09e11b43d4e887N
Size

86KB
Sample

241005-xwmh3azcqr
MD5

69786c1d1d2f506f162eeac1a0f26070
SHA1

649458c4d2180bd36eec11f78a2e639aa591dcae
SHA256

0cdf6756346514b686a6b9b7fa08702a115c95fcbd1ab7ba7e09e11b43d4e887
SHA512

a40d476dd195b05fb2ce781450e6a9c792401bd6e9b76b3e7aa05e7448ebdeb92531effc17f6c9c83c3e329f03a40e7766d54167a30c25ddd47e95cc9115f28b
SSDEEP

192:C+OzRHB4PzHfuYpkVwHO6E5Yp1aiZ1K2sYyXF0Ca+:C+Ozz4Pz/uYp65Yp1aiTK17Xa+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  0cdf6756346514b686a6b9b7fa08702a115c95fcbd1ab7ba7e09e11b43d4e887N
- Size
  
  86KB
- MD5
  
  69786c1d1d2f506f162eeac1a0f26070
- SHA1
  
  649458c4d2180bd36eec11f78a2e639aa591dcae
- SHA256
  
  0cdf6756346514b686a6b9b7fa08702a115c95fcbd1ab7ba7e09e11b43d4e887
- SHA512
  
  a40d476dd195b05fb2ce781450e6a9c792401bd6e9b76b3e7aa05e7448ebdeb92531effc17f6c9c83c3e329f03a40e7766d54167a30c25ddd47e95cc9115f28b
- SSDEEP
  
  192:C+OzRHB4PzHfuYpkVwHO6E5Yp1aiZ1K2sYyXF0Ca+:C+Ozz4Pz/uYp65Yp1aiTK17Xa+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2