8efdf5635d3f046c525934fb27566998ba4df2ada2cbc8fa4a06d38844530f8a | Triage

Sharing

General

Target

8efdf5635d3f046c525934fb27566998ba4df2ada2cbc8fa4a06d38844530f8a
Size

658KB
Sample

221205-p1l44aeg8v
MD5

25e70b0db8f7cb17d7df76c53dd9ad9c
SHA1

2981a2c7e034cfe373a58507b1b2357cf4335af2
SHA256

8efdf5635d3f046c525934fb27566998ba4df2ada2cbc8fa4a06d38844530f8a
SHA512

ece796f50f482539e2b2aab23da44b3a0358e6d318986a52f573dce2d363ed6041891d3f9c0edc8bbf98eff6c30b359ed74fbf9fa800b951a6c404e09312fd9c
SSDEEP

12288:k/oK/zcI7+2kkKrEHFZIV0flTIGLJJ2oMvqLlmc6e3rXP:6oKbcxkKrEHFi0fxT2lvswc9LP

Score

8^/10

Malware Config

Targets

- Target
  
  8efdf5635d3f046c525934fb27566998ba4df2ada2cbc8fa4a06d38844530f8a
- Size
  
  658KB
- MD5
  
  25e70b0db8f7cb17d7df76c53dd9ad9c
- SHA1
  
  2981a2c7e034cfe373a58507b1b2357cf4335af2
- SHA256
  
  8efdf5635d3f046c525934fb27566998ba4df2ada2cbc8fa4a06d38844530f8a
- SHA512
  
  ece796f50f482539e2b2aab23da44b3a0358e6d318986a52f573dce2d363ed6041891d3f9c0edc8bbf98eff6c30b359ed74fbf9fa800b951a6c404e09312fd9c
- SSDEEP
  
  12288:k/oK/zcI7+2kkKrEHFZIV0flTIGLJJ2oMvqLlmc6e3rXP:6oKbcxkKrEHFi0fxT2lvswc9LP
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2