ed440cbe1c8f604cc3595b91d0c442148e51dcff578f216237b2a626fc7df3f5 | Triage

Sharing

General

Target

ed440cbe1c8f604cc3595b91d0c442148e51dcff578f216237b2a626fc7df3f5
Size

28KB
Sample

221020-fp9lksfba6
MD5

7cd3fa5c8d3c3730dd7cfd13649e6ee9
SHA1

9127b742ee66a055709e348d8934b0c04409a7cc
SHA256

ed440cbe1c8f604cc3595b91d0c442148e51dcff578f216237b2a626fc7df3f5
SHA512

d5caaa22de36a8e119f16d96a196147065ce7efa7b7dc0bf38ba2731de0599ea9c38cd5ee4ecadcb3f9e261f6c01678a9d3abf5cd52542d8550d69ada7d62eef
SSDEEP

384:/TNUFewBPnrm+zmD+aC+EA33nDQKXhFlzQKXCFlmEvJrIRtDr4EYs81fp:/oPybiqXDQKQMEviTsEA1f

Score

8^/10

Malware Config

Targets

- Target
  
  ed440cbe1c8f604cc3595b91d0c442148e51dcff578f216237b2a626fc7df3f5
- Size
  
  28KB
- MD5
  
  7cd3fa5c8d3c3730dd7cfd13649e6ee9
- SHA1
  
  9127b742ee66a055709e348d8934b0c04409a7cc
- SHA256
  
  ed440cbe1c8f604cc3595b91d0c442148e51dcff578f216237b2a626fc7df3f5
- SHA512
  
  d5caaa22de36a8e119f16d96a196147065ce7efa7b7dc0bf38ba2731de0599ea9c38cd5ee4ecadcb3f9e261f6c01678a9d3abf5cd52542d8550d69ada7d62eef
- SSDEEP
  
  384:/TNUFewBPnrm+zmD+aC+EA33nDQKXhFlzQKXCFlmEvJrIRtDr4EYs81fp:/oPybiqXDQKQMEviTsEA1f
Score

8^/10
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2