f0ebad99ccea722bc70acc070243c953a892ed4f208af17255f161e97864aa57 | Triage

Sharing

General

Target

f0ebad99ccea722bc70acc070243c953a892ed4f208af17255f161e97864aa57
Size

19KB
Sample

221004-h88vhahedk
MD5

4cf693bc52164a4c9fa8d2b07cbde7c0
SHA1

06538ff4b865ec39b98fb9e56234abc3f3f1a7e5
SHA256

f0ebad99ccea722bc70acc070243c953a892ed4f208af17255f161e97864aa57
SHA512

858a29852282558a4212eac04b73394754ea63dd8c61465b54efd4a9e257f1ec7e72a06478ea0d837f1952640d38d0eb9731377676c28f7dbcf34cab6e09eea0
SSDEEP

384:JC+EaVVpDSL/7wIUAch1A9NB/erdO9oMCCQcxbRxla09I:JSfL/76As1FdMQ8RjaD

Score

8^/10

Malware Config

Targets

- Target
  
  f0ebad99ccea722bc70acc070243c953a892ed4f208af17255f161e97864aa57
- Size
  
  19KB
- MD5
  
  4cf693bc52164a4c9fa8d2b07cbde7c0
- SHA1
  
  06538ff4b865ec39b98fb9e56234abc3f3f1a7e5
- SHA256
  
  f0ebad99ccea722bc70acc070243c953a892ed4f208af17255f161e97864aa57
- SHA512
  
  858a29852282558a4212eac04b73394754ea63dd8c61465b54efd4a9e257f1ec7e72a06478ea0d837f1952640d38d0eb9731377676c28f7dbcf34cab6e09eea0
- SSDEEP
  
  384:JC+EaVVpDSL/7wIUAch1A9NB/erdO9oMCCQcxbRxla09I:JSfL/76As1FdMQ8RjaD
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2