8e1a8ae96398657b5886b905b15f58d6f051be8f32014729ca19a9322ed99741 | Triage

Sharing

General

Target

8e1a8ae96398657b5886b905b15f58d6f051be8f32014729ca19a9322ed99741
Size

200KB
Sample

221204-rkxa8sfe43
MD5

2d3d6822b22039bee2ab74835c402d90
SHA1

4f6641d269474ecf2fcdc830058dab133a63d53d
SHA256

8e1a8ae96398657b5886b905b15f58d6f051be8f32014729ca19a9322ed99741
SHA512

40ff51fe9788bc861bf91f5b054f8a35a1877b0e46a8fdc5f4b7b233b9a0dd8a8bb955206c0226d8d170dfb2618558619b2fa837d49aed5a4c71e8b0c6f73139
SSDEEP

3072:shGiZ5C3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsm:xr3yGFInRO

Score

8^/10

Malware Config

Targets

- Target
  
  8e1a8ae96398657b5886b905b15f58d6f051be8f32014729ca19a9322ed99741
- Size
  
  200KB
- MD5
  
  2d3d6822b22039bee2ab74835c402d90
- SHA1
  
  4f6641d269474ecf2fcdc830058dab133a63d53d
- SHA256
  
  8e1a8ae96398657b5886b905b15f58d6f051be8f32014729ca19a9322ed99741
- SHA512
  
  40ff51fe9788bc861bf91f5b054f8a35a1877b0e46a8fdc5f4b7b233b9a0dd8a8bb955206c0226d8d170dfb2618558619b2fa837d49aed5a4c71e8b0c6f73139
- SSDEEP
  
  3072:shGiZ5C3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSsm:xr3yGFInRO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2