cedce3ba308631ff038dd35f7fff704d8dd509e1dcd2d79ead661cffbb163c78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cedce3ba308631ff038dd35f7fff704d8dd509e1dcd2d79ead661cffbb163c78
Size

200KB
Sample

221206-v3wn7shc46
MD5

21fb3b9a459f3d535198aa6ecfc5d400
SHA1

0478f7c5655dfeb3d2572b7a9372fb003fde5f2e
SHA256

cedce3ba308631ff038dd35f7fff704d8dd509e1dcd2d79ead661cffbb163c78
SHA512

94fca77610b598ee47aa13ad5bd728887df8a24af0f2014a1f1dd921d4e0eb69938ec442bf10363024005ae01ab683989c6da62efc5c4e041249ad3bc7a691ec
SSDEEP

3072:odpqU+b3Pc3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4Sd:al+b3Pc3yGFInRO

Score

8^/10

Malware Config

Targets

- Target
  
  cedce3ba308631ff038dd35f7fff704d8dd509e1dcd2d79ead661cffbb163c78
- Size
  
  200KB
- MD5
  
  21fb3b9a459f3d535198aa6ecfc5d400
- SHA1
  
  0478f7c5655dfeb3d2572b7a9372fb003fde5f2e
- SHA256
  
  cedce3ba308631ff038dd35f7fff704d8dd509e1dcd2d79ead661cffbb163c78
- SHA512
  
  94fca77610b598ee47aa13ad5bd728887df8a24af0f2014a1f1dd921d4e0eb69938ec442bf10363024005ae01ab683989c6da62efc5c4e041249ad3bc7a691ec
- SSDEEP
  
  3072:odpqU+b3Pc3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4Sd:al+b3Pc3yGFInRO
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2