e1a92809c64eb09c34224b2f1a990022e6aa61c3cc1485b0d1db2870b38c73ae | Triage

Sharing

General

Target

e1a92809c64eb09c34224b2f1a990022e6aa61c3cc1485b0d1db2870b38c73ae
Size

205KB
Sample

230607-xxlyxsfc8v
MD5

76880833f51c5de38fed5b178feb2381
SHA1

3461e29756655c0c8ec32be1d3bb80c49a4747df
SHA256

e1a92809c64eb09c34224b2f1a990022e6aa61c3cc1485b0d1db2870b38c73ae
SHA512

0b8b61dc1c50a78ecb08b5a7162482f32c450804eb3e9f12acfbf9e648fe7ed39a67be8331fc4d4459b672a81bd4d0e6db9d8d3364439c9a366d3ef31ec969f5
SSDEEP

3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij

Score

7^/10

Malware Config

Targets

- Target
  
  e1a92809c64eb09c34224b2f1a990022e6aa61c3cc1485b0d1db2870b38c73ae
- Size
  
  205KB
- MD5
  
  76880833f51c5de38fed5b178feb2381
- SHA1
  
  3461e29756655c0c8ec32be1d3bb80c49a4747df
- SHA256
  
  e1a92809c64eb09c34224b2f1a990022e6aa61c3cc1485b0d1db2870b38c73ae
- SHA512
  
  0b8b61dc1c50a78ecb08b5a7162482f32c450804eb3e9f12acfbf9e648fe7ed39a67be8331fc4d4459b672a81bd4d0e6db9d8d3364439c9a366d3ef31ec969f5
- SSDEEP
  
  3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1