e95fcfa05c734769b9f72768fff58c7a5c8728428a1bef26f757b73fd2587ccd | Triage

Sharing

General

Target

e95fcfa05c734769b9f72768fff58c7a5c8728428a1bef26f757b73fd2587ccd
Size

19KB
Sample

221127-nxkw7aeb96
MD5

99b77d24379eb1299ea585f5a58c702a
SHA1

4cdbbde9691b1696715d95cb3afec5c5aa30743b
SHA256

e95fcfa05c734769b9f72768fff58c7a5c8728428a1bef26f757b73fd2587ccd
SHA512

7066721404704f373b05ac5978e6e69f80f2fee68406f923e6c16c799118f08c666a8cfab199b00bfa8e5646525ee0c44dd86e66c67b4be838c4a96f757e58c1
SSDEEP

384:uV723lkaZMCtDHh1ujHXRrs905INeZCFtejlIko5dN127BFVn2p4lAnZ8Ox8B+tY:cpaPBfujHXRrs9sINeZEtejlIkoLN12r

Score

8^/10

Malware Config

Targets

- Target
  
  e95fcfa05c734769b9f72768fff58c7a5c8728428a1bef26f757b73fd2587ccd
- Size
  
  19KB
- MD5
  
  99b77d24379eb1299ea585f5a58c702a
- SHA1
  
  4cdbbde9691b1696715d95cb3afec5c5aa30743b
- SHA256
  
  e95fcfa05c734769b9f72768fff58c7a5c8728428a1bef26f757b73fd2587ccd
- SHA512
  
  7066721404704f373b05ac5978e6e69f80f2fee68406f923e6c16c799118f08c666a8cfab199b00bfa8e5646525ee0c44dd86e66c67b4be838c4a96f757e58c1
- SSDEEP
  
  384:uV723lkaZMCtDHh1ujHXRrs905INeZCFtejlIko5dN127BFVn2p4lAnZ8Ox8B+tY:cpaPBfujHXRrs9sINeZEtejlIkoLN12r
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2