e8fd0695d0f3fec83f05dcdf9e2f75ec5d00889efb82425efc37f163b19a3707 | Triage

Sharing

General

Target

e8fd0695d0f3fec83f05dcdf9e2f75ec5d00889efb82425efc37f163b19a3707
Size

747KB
Sample

221203-nvmb8sbd2s
MD5

9c492110883d4ab9777b97f108fc73aa
SHA1

14812a9790bc4bd48759dd126b69577d4a34bbce
SHA256

e8fd0695d0f3fec83f05dcdf9e2f75ec5d00889efb82425efc37f163b19a3707
SHA512

727941d46908f6fe6829acaed48842d8497a6c684c0a21bdacd5d5e2f88882510337808f198fc83d3b24ac47383dafe71dea69c9f2bf3fd1b9ae4abd6fef8d5f
SSDEEP

12288:GyP/wMqZcwvGT9dlfgAa/fuG5xsb5AS8jeM6PEKpDIOSGxRn/TVlU/3Zla:rb9cuVb5ASE56PEEkhQ/pyv+

Score

8^/10

Malware Config

Targets

- Target
  
  e8fd0695d0f3fec83f05dcdf9e2f75ec5d00889efb82425efc37f163b19a3707
- Size
  
  747KB
- MD5
  
  9c492110883d4ab9777b97f108fc73aa
- SHA1
  
  14812a9790bc4bd48759dd126b69577d4a34bbce
- SHA256
  
  e8fd0695d0f3fec83f05dcdf9e2f75ec5d00889efb82425efc37f163b19a3707
- SHA512
  
  727941d46908f6fe6829acaed48842d8497a6c684c0a21bdacd5d5e2f88882510337808f198fc83d3b24ac47383dafe71dea69c9f2bf3fd1b9ae4abd6fef8d5f
- SSDEEP
  
  12288:GyP/wMqZcwvGT9dlfgAa/fuG5xsb5AS8jeM6PEKpDIOSGxRn/TVlU/3Zla:rb9cuVb5ASE56PEEkhQ/pyv+
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2