2ce4cff45a5c16c1eafadc4f70a5fea9353b671231ac296e99de70cd13d2b629 | Triage

Sharing

General

Target

10.exe
Size

5KB
Sample

221224-znqlvsaf33
MD5

3ccc9ea7e01eada09c2345286fec084b
SHA1

f5ee560ceb8667d4af580e9c60b2793b34e80725
SHA256

2ce4cff45a5c16c1eafadc4f70a5fea9353b671231ac296e99de70cd13d2b629
SHA512

1e824b2f68e77449e796423fbddcbb1853b977fd099b232c636a143b8f2763e54c25392da0611773e99e94e7468a62abdc0dcac6c2dd86f9b6b114345f67d494
SSDEEP

96:rkd579YGL1bhycGdH8KYYdXNSOs7GAtTNtUqzpiON7Y3d3ojerl:MJ9YGL1bhycglNSOSlhNtUqzIO63dN

Score

8^/10

Malware Config

Targets

- Target
  
  10.exe
- Size
  
  5KB
- MD5
  
  3ccc9ea7e01eada09c2345286fec084b
- SHA1
  
  f5ee560ceb8667d4af580e9c60b2793b34e80725
- SHA256
  
  2ce4cff45a5c16c1eafadc4f70a5fea9353b671231ac296e99de70cd13d2b629
- SHA512
  
  1e824b2f68e77449e796423fbddcbb1853b977fd099b232c636a143b8f2763e54c25392da0611773e99e94e7468a62abdc0dcac6c2dd86f9b6b114345f67d494
- SSDEEP
  
  96:rkd579YGL1bhycGdH8KYYdXNSOs7GAtTNtUqzpiON7Y3d3ojerl:MJ9YGL1bhycglNSOSlhNtUqzIO63dN
Score

8^/10
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2