e295922322324e048657a5b4c0c4c9717a1a127e39ba45a03dc5d4d4bb2e523f | Triage

Sharing

General

Target

e295922322324e048657a5b4c0c4c9717a1a127e39ba45a03dc5d4d4bb2e523f
Size

21KB
Sample

221125-pv5dgsha26
MD5

ba5d958e6ff7773d1ce1ae44552b4e00
SHA1

06a337158d07dc651f24aee09cbb63579fea0cea
SHA256

e295922322324e048657a5b4c0c4c9717a1a127e39ba45a03dc5d4d4bb2e523f
SHA512

a36a9ebdd23353faa35712d67b7cd33340171090999c874e6771c0e1660ad3ba3c785a17e2b18aa263e9a29b421ccb2930f3b4c6bfb7314af48f8e7875dfb3da
SSDEEP

192:PvluEAfEQogU2KBYOVUpXThYZzPEqnq9MZq0Nq0FnPEN2ebSiH:3lqECUNBvVk90PGMZ7FMN2RiH

Score

8^/10

Malware Config

Targets

- Target
  
  e295922322324e048657a5b4c0c4c9717a1a127e39ba45a03dc5d4d4bb2e523f
- Size
  
  21KB
- MD5
  
  ba5d958e6ff7773d1ce1ae44552b4e00
- SHA1
  
  06a337158d07dc651f24aee09cbb63579fea0cea
- SHA256
  
  e295922322324e048657a5b4c0c4c9717a1a127e39ba45a03dc5d4d4bb2e523f
- SHA512
  
  a36a9ebdd23353faa35712d67b7cd33340171090999c874e6771c0e1660ad3ba3c785a17e2b18aa263e9a29b421ccb2930f3b4c6bfb7314af48f8e7875dfb3da
- SSDEEP
  
  192:PvluEAfEQogU2KBYOVUpXThYZzPEqnq9MZq0Nq0FnPEN2ebSiH:3lqECUNBvVk90PGMZ7FMN2RiH
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2