0ed26a132eeed88166587f6936158cb496c6128bab4991764e3d79a7de4432eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ed26a132eeed88166587f6936158cb496c6128bab4991764e3d79a7de4432eb
Size

4.2MB
Sample

230413-yrtbgsdh43
MD5

cbb14267dbd36e0f5d88aa3ae8ede293
SHA1

12c1d60d72e1a911453e9de87c9ee5026ffbf93b
SHA256

0ed26a132eeed88166587f6936158cb496c6128bab4991764e3d79a7de4432eb
SHA512

6647216910e62a98c12b35d3341090cdc77a88aea7ec87c6509f3991c46ee9cfb557c0faafa79863fcb075090a254a8013562e75823ec8fa4d1b1c7561dcaf55
SSDEEP

98304:pPy5sXaNn4CtHyp2gXXgfJNw5DKPj4160oh518uDdR:pENLSk5f3w5DKPjx0ADH

Score

7^/10

Malware Config

Targets

- Target
  
  0ed26a132eeed88166587f6936158cb496c6128bab4991764e3d79a7de4432eb
- Size
  
  4.2MB
- MD5
  
  cbb14267dbd36e0f5d88aa3ae8ede293
- SHA1
  
  12c1d60d72e1a911453e9de87c9ee5026ffbf93b
- SHA256
  
  0ed26a132eeed88166587f6936158cb496c6128bab4991764e3d79a7de4432eb
- SHA512
  
  6647216910e62a98c12b35d3341090cdc77a88aea7ec87c6509f3991c46ee9cfb557c0faafa79863fcb075090a254a8013562e75823ec8fa4d1b1c7561dcaf55
- SSDEEP
  
  98304:pPy5sXaNn4CtHyp2gXXgfJNw5DKPj4160oh518uDdR:pENLSk5f3w5DKPjx0ADH
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2