eb0aaf550c828dc83af34ea231df4fa588503ade3f5e4cda86c5608b978a4390 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb0aaf550c828dc83af34ea231df4fa588503ade3f5e4cda86c5608b978a4390
Size

100KB
Sample

221206-gxr7yaeb6z
MD5

ef73ef6a707c86619faaed119a321f26
SHA1

c1773accffe425c2b11d54ee87a27d5503a91d88
SHA256

eb0aaf550c828dc83af34ea231df4fa588503ade3f5e4cda86c5608b978a4390
SHA512

7c33a9c7147a3a759d86ecdaa5a48895fb494defe3db95efa97ed5936d70ca1cc608bd17bd2b103fcb47d5c93360e5bc95deb9f7c29bea6f56a9704bc5471e75
SSDEEP

1536:/r92K2jE7daQXpPg3hObYhlYc9g9khu6PLI:x2XIbPYYcSp

Score

8^/10

Malware Config

Targets

- Target
  
  eb0aaf550c828dc83af34ea231df4fa588503ade3f5e4cda86c5608b978a4390
- Size
  
  100KB
- MD5
  
  ef73ef6a707c86619faaed119a321f26
- SHA1
  
  c1773accffe425c2b11d54ee87a27d5503a91d88
- SHA256
  
  eb0aaf550c828dc83af34ea231df4fa588503ade3f5e4cda86c5608b978a4390
- SHA512
  
  7c33a9c7147a3a759d86ecdaa5a48895fb494defe3db95efa97ed5936d70ca1cc608bd17bd2b103fcb47d5c93360e5bc95deb9f7c29bea6f56a9704bc5471e75
- SSDEEP
  
  1536:/r92K2jE7daQXpPg3hObYhlYc9g9khu6PLI:x2XIbPYYcSp
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2