eeb21c58674c992682b4595432caf0c6ab7bdbc254ac6957f58eadf62e9cfe77 | Triage

Sharing

General

Target

eeb21c58674c992682b4595432caf0c6ab7bdbc254ac6957f58eadf62e9cfe77
Size

54KB
Sample

221123-k3hr8sdd7v
MD5

4805c7620b3f6d4aabbecc8d4bd28006
SHA1

c8bde5b6beb60791c68db35252d739a687e4011b
SHA256

eeb21c58674c992682b4595432caf0c6ab7bdbc254ac6957f58eadf62e9cfe77
SHA512

64432c118b9bc3ce1d68c84041ee552b1c05939d9ad125698e00446f726860415816bc60d0b37e747321583700617493acd3161cfe1567bdf93ac4fc1764aea9
SSDEEP

768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/7pZjEcoy/v/KxG:V3cpyORJLuB4P4AJJv4Romu/1BybS+M

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  eeb21c58674c992682b4595432caf0c6ab7bdbc254ac6957f58eadf62e9cfe77
- Size
  
  54KB
- MD5
  
  4805c7620b3f6d4aabbecc8d4bd28006
- SHA1
  
  c8bde5b6beb60791c68db35252d739a687e4011b
- SHA256
  
  eeb21c58674c992682b4595432caf0c6ab7bdbc254ac6957f58eadf62e9cfe77
- SHA512
  
  64432c118b9bc3ce1d68c84041ee552b1c05939d9ad125698e00446f726860415816bc60d0b37e747321583700617493acd3161cfe1567bdf93ac4fc1764aea9
- SSDEEP
  
  768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/7pZjEcoy/v/KxG:V3cpyORJLuB4P4AJJv4Romu/1BybS+M
Score

10^/10

evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2