1e666552a257cb3ce8ea4de868d27c0610e54bc5e6cd64a4a9be869a7bfa9f46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e666552a257cb3ce8ea4de868d27c0610e54bc5e6cd64a4a9be869a7bfa9f46
Size

1.9MB
Sample

221124-kyr54sch54
MD5

e66f3d4c9072ec5e652912387b8ecb10
SHA1

50235b5bb054887a210dfdd160ba2d60ff48e802
SHA256

1e666552a257cb3ce8ea4de868d27c0610e54bc5e6cd64a4a9be869a7bfa9f46
SHA512

fffc0dedc6f7cee77941486e3bd341b76de9ee54e728719a83a296ea93aa6243b8e4eb57dc8724b0fd11bd014a649ffed4955c0cbca26fedb139c4f39bb0631d
SSDEEP

49152:C3dO4wl1Xmw2LrqY4U/hGASU5Iu+3JmLbqVh4pRFv/d1:CiCLL4UJHZ5I70Ehs/3

Score

7^/10

Malware Config

Targets

- Target
  
  1e666552a257cb3ce8ea4de868d27c0610e54bc5e6cd64a4a9be869a7bfa9f46
- Size
  
  1.9MB
- MD5
  
  e66f3d4c9072ec5e652912387b8ecb10
- SHA1
  
  50235b5bb054887a210dfdd160ba2d60ff48e802
- SHA256
  
  1e666552a257cb3ce8ea4de868d27c0610e54bc5e6cd64a4a9be869a7bfa9f46
- SHA512
  
  fffc0dedc6f7cee77941486e3bd341b76de9ee54e728719a83a296ea93aa6243b8e4eb57dc8724b0fd11bd014a649ffed4955c0cbca26fedb139c4f39bb0631d
- SSDEEP
  
  49152:C3dO4wl1Xmw2LrqY4U/hGASU5Iu+3JmLbqVh4pRFv/d1:CiCLL4UJHZ5I70Ehs/3
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1