98ebe202ebf1bfe4c8d49f944c1708728191f93eb12ae98f23ac411b6eeda20e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98ebe202ebf1bfe4c8d49f944c1708728191f93eb12ae98f23ac411b6eeda20e
Size

1.6MB
Sample

231009-s5eglagb25
MD5

74b0f8815e3ce8bcaf255bfae2d57eb9
SHA1

b9a8c81c2c8b2b7393f8c59e191abdbc2b958e21
SHA256

98ebe202ebf1bfe4c8d49f944c1708728191f93eb12ae98f23ac411b6eeda20e
SHA512

d192ecad0e0f37d1a3584c29ab7d1ecc24e69f7b52929d6fe0776e421366591c4755baa6dc6e37154f96c94336f38e8682596b2938a4a175b367d23c8b0af47e
SSDEEP

49152:CuWr4tN7MZplxU4vpDWlzUaCsk1cP3h0HWlNZrs:CuWW7MbbYlzUaCrEx0HWlbs

Score

7^/10

Malware Config

Targets

- Target
  
  98ebe202ebf1bfe4c8d49f944c1708728191f93eb12ae98f23ac411b6eeda20e
- Size
  
  1.6MB
- MD5
  
  74b0f8815e3ce8bcaf255bfae2d57eb9
- SHA1
  
  b9a8c81c2c8b2b7393f8c59e191abdbc2b958e21
- SHA256
  
  98ebe202ebf1bfe4c8d49f944c1708728191f93eb12ae98f23ac411b6eeda20e
- SHA512
  
  d192ecad0e0f37d1a3584c29ab7d1ecc24e69f7b52929d6fe0776e421366591c4755baa6dc6e37154f96c94336f38e8682596b2938a4a175b367d23c8b0af47e
- SSDEEP
  
  49152:CuWr4tN7MZplxU4vpDWlzUaCsk1cP3h0HWlNZrs:CuWW7MbbYlzUaCrEx0HWlbs
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2