c9aa9a2d2d7f229f26699f4f24a209dcb5e96a23e00fa5bac8578d06b10bd75b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9aa9a2d2d7f229f26699f4f24a209dcb5e96a23e00fa5bac8578d06b10bd75b
Size

26KB
Sample

241013-dns64azhlk
MD5

efa9777bc247d8a26344a3a4e8e29076
SHA1

a411f5751390f74d93b74fbf7e0ba7c9a0f195da
SHA256

c9aa9a2d2d7f229f26699f4f24a209dcb5e96a23e00fa5bac8578d06b10bd75b
SHA512

83ec1ce26fa6e892bcc865f9749b3a3db34749744116cf5e608715dca3034b3b9c9dbeb1ba856597ea4d9b5c4f37e11a3d34a964b38bc6b6cd57bf1fe822eae0
SSDEEP

768:LR8OHqd3X2mTggggggLvggggggggSUAc6nNyk:fcGK+nNl

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c9aa9a2d2d7f229f26699f4f24a209dcb5e96a23e00fa5bac8578d06b10bd75b
- Size
  
  26KB
- MD5
  
  efa9777bc247d8a26344a3a4e8e29076
- SHA1
  
  a411f5751390f74d93b74fbf7e0ba7c9a0f195da
- SHA256
  
  c9aa9a2d2d7f229f26699f4f24a209dcb5e96a23e00fa5bac8578d06b10bd75b
- SHA512
  
  83ec1ce26fa6e892bcc865f9749b3a3db34749744116cf5e608715dca3034b3b9c9dbeb1ba856597ea4d9b5c4f37e11a3d34a964b38bc6b6cd57bf1fe822eae0
- SSDEEP
  
  768:LR8OHqd3X2mTggggggLvggggggggSUAc6nNyk:fcGK+nNl
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2