0eb6ceddb8f003fa6596975e4c6369f8db6b6fe2e2aaa7858c334fab0898f22a | Triage

Sharing

General

Target

0eb6ceddb8f003fa6596975e4c6369f8db6b6fe2e2aaa7858c334fab0898f22a
Size

108KB
Sample

221020-2dpypahbfq
MD5

6ae76c346240ff328edf310bf9ac2b40
SHA1

f703530eac3112b96fba6d06759cc3aa31a3a9dc
SHA256

0eb6ceddb8f003fa6596975e4c6369f8db6b6fe2e2aaa7858c334fab0898f22a
SHA512

da4b8ec70dc3f673b19e67e9bf1c2964c8c12ec4a7970a7ebb2b253a10175ee8133fbbdc802318a692b03a66fe6d7bcdcc3457ff8521ffa36babcfb1212d7b8f
SSDEEP

1536:rnCmqcUkUHjyz+Ug5Tncp4HjBobaMyOqXkV5fxTiQqAF8W4A1q:TDLUHvUgNcCHjBoba0V5ZTiQqDA1

Score

7^/10

Malware Config

Targets

- Target
  
  0eb6ceddb8f003fa6596975e4c6369f8db6b6fe2e2aaa7858c334fab0898f22a
- Size
  
  108KB
- MD5
  
  6ae76c346240ff328edf310bf9ac2b40
- SHA1
  
  f703530eac3112b96fba6d06759cc3aa31a3a9dc
- SHA256
  
  0eb6ceddb8f003fa6596975e4c6369f8db6b6fe2e2aaa7858c334fab0898f22a
- SHA512
  
  da4b8ec70dc3f673b19e67e9bf1c2964c8c12ec4a7970a7ebb2b253a10175ee8133fbbdc802318a692b03a66fe6d7bcdcc3457ff8521ffa36babcfb1212d7b8f
- SSDEEP
  
  1536:rnCmqcUkUHjyz+Ug5Tncp4HjBobaMyOqXkV5fxTiQqAF8W4A1q:TDLUHvUgNcCHjBoba0V5ZTiQqDA1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2