eaafb7915450bb43dc6d6227b6761f2f5dea9b632443f4bcf2efebed874f5da7 | Triage

Sharing

General

Target

eaafb7915450bb43dc6d6227b6761f2f5dea9b632443f4bcf2efebed874f5da7
Size

25KB
Sample

221020-szsr2abhe6
MD5

a08a0aa983e1c95c1b72394fd1b18e70
SHA1

58c3b51ccdb1aac67d09443e28a52b6f24bb7e52
SHA256

eaafb7915450bb43dc6d6227b6761f2f5dea9b632443f4bcf2efebed874f5da7
SHA512

968e1fc119ac2aa96067de653115d2f9c301e53e034b37ea5dfcbafbc789acb4155ac8f48aa5561df06c15cca24b564d851a9f29668205fc26a8ed890082f2fd
SSDEEP

768:DS7nh4aQC9xkV1tdgI2MyzNORQtOflIwoHNV2XBFV72B4lA7ZsUI+/V:DS7nK8eztdgI2MyzNORQtOflIwoHNV2u

Score

8^/10

Malware Config

Targets

- Target
  
  eaafb7915450bb43dc6d6227b6761f2f5dea9b632443f4bcf2efebed874f5da7
- Size
  
  25KB
- MD5
  
  a08a0aa983e1c95c1b72394fd1b18e70
- SHA1
  
  58c3b51ccdb1aac67d09443e28a52b6f24bb7e52
- SHA256
  
  eaafb7915450bb43dc6d6227b6761f2f5dea9b632443f4bcf2efebed874f5da7
- SHA512
  
  968e1fc119ac2aa96067de653115d2f9c301e53e034b37ea5dfcbafbc789acb4155ac8f48aa5561df06c15cca24b564d851a9f29668205fc26a8ed890082f2fd
- SSDEEP
  
  768:DS7nh4aQC9xkV1tdgI2MyzNORQtOflIwoHNV2XBFV72B4lA7ZsUI+/V:DS7nK8eztdgI2MyzNORQtOflIwoHNV2u
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2