fe5a61d902fda17b20ed1d687ed141963d308f88cda5ca5cbe4402037abc0936 | Triage

Sharing

General

Target

fe5a61d902fda17b20ed1d687ed141963d308f88cda5ca5cbe4402037abc0936
Size

28KB
Sample

221021-ekq31abagk
MD5

69398882063fe4d57568acbae2a2e570
SHA1

4594b2f7ee6c3854228c2a43b4f448e3d4ed222f
SHA256

fe5a61d902fda17b20ed1d687ed141963d308f88cda5ca5cbe4402037abc0936
SHA512

64d292635391410f343ca8056cf14eaf27509a07ae3df64b7403ffcb7a2152edf61a8992f9487fb187eb5ac014f67c0f3d14f8e760772b0c92667ae259ef41e7
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaDd:X6QFElP6n+gJQMOtEvwDpjBc

Score

8^/10

Malware Config

Targets

- Target
  
  fe5a61d902fda17b20ed1d687ed141963d308f88cda5ca5cbe4402037abc0936
- Size
  
  28KB
- MD5
  
  69398882063fe4d57568acbae2a2e570
- SHA1
  
  4594b2f7ee6c3854228c2a43b4f448e3d4ed222f
- SHA256
  
  fe5a61d902fda17b20ed1d687ed141963d308f88cda5ca5cbe4402037abc0936
- SHA512
  
  64d292635391410f343ca8056cf14eaf27509a07ae3df64b7403ffcb7a2152edf61a8992f9487fb187eb5ac014f67c0f3d14f8e760772b0c92667ae259ef41e7
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjBVaDd:X6QFElP6n+gJQMOtEvwDpjBc
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2