8e8655fb021052a99ccf8331013ab6e42d9d50c47b22e9c1654b96a749f71c63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e8655fb021052a99ccf8331013ab6e42d9d50c47b22e9c1654b96a749f71c63
Size

134KB
Sample

221204-evcncsfa28
MD5

c45ed260ec42329513f9ba61e3089301
SHA1

eaf11cfa4587577bc320f7ddbccb70c87fbd9705
SHA256

8e8655fb021052a99ccf8331013ab6e42d9d50c47b22e9c1654b96a749f71c63
SHA512

a060fb4b8e6caa21e7d80e46028743a45fe0b3564e143f7db6070c1f1aa32f7cf5f0562aa6dcc0859a3478aa3f3b64f5d2f7e7d37398f4d392ad2061fe1900d9
SSDEEP

3072:IY8onBwwwdosCGNoAibJ17T5epGDizbo40AshlCEXOmDt13FMA4E:5nrsCGN0J17Tv2MoeXOSt1aA4E

Score

8^/10

Malware Config

Targets

- Target
  
  8e8655fb021052a99ccf8331013ab6e42d9d50c47b22e9c1654b96a749f71c63
- Size
  
  134KB
- MD5
  
  c45ed260ec42329513f9ba61e3089301
- SHA1
  
  eaf11cfa4587577bc320f7ddbccb70c87fbd9705
- SHA256
  
  8e8655fb021052a99ccf8331013ab6e42d9d50c47b22e9c1654b96a749f71c63
- SHA512
  
  a060fb4b8e6caa21e7d80e46028743a45fe0b3564e143f7db6070c1f1aa32f7cf5f0562aa6dcc0859a3478aa3f3b64f5d2f7e7d37398f4d392ad2061fe1900d9
- SSDEEP
  
  3072:IY8onBwwwdosCGNoAibJ17T5epGDizbo40AshlCEXOmDt13FMA4E:5nrsCGN0J17Tv2MoeXOSt1aA4E
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2