e0966328801db27d0e6cccf9cfee21b199d0b0da0bcf9ac87ac54d9ff54cee06 | Triage

Sharing

General

Target

e0966328801db27d0e6cccf9cfee21b199d0b0da0bcf9ac87ac54d9ff54cee06
Size

4.3MB
Sample

231120-gphzaseb28
MD5

57eb9a02c264bd6a1e0eb05671a1de14
SHA1

6eb8ec0d61d8ba75268e874472d0dc58c7d6f1f6
SHA256

e0966328801db27d0e6cccf9cfee21b199d0b0da0bcf9ac87ac54d9ff54cee06
SHA512

d8d8d66cc8defbd334bdce802bad286c1d28d5c1e6d817820b3688f7d86927c5b5230ee3e7f151378d445b0016e84759d0cd127850db84a43f2cfdf999c9179a
SSDEEP

49152:JgyPEqB/PoMxiIW+yTP3dNWLRm9jaRrCRVNgYzuRbHrQS6qU70Eo6k:JgyPEbMxiIW+yTPd8/cg6qUL4

Score

7^/10

Malware Config

Targets

- Target
  
  e0966328801db27d0e6cccf9cfee21b199d0b0da0bcf9ac87ac54d9ff54cee06
- Size
  
  4.3MB
- MD5
  
  57eb9a02c264bd6a1e0eb05671a1de14
- SHA1
  
  6eb8ec0d61d8ba75268e874472d0dc58c7d6f1f6
- SHA256
  
  e0966328801db27d0e6cccf9cfee21b199d0b0da0bcf9ac87ac54d9ff54cee06
- SHA512
  
  d8d8d66cc8defbd334bdce802bad286c1d28d5c1e6d817820b3688f7d86927c5b5230ee3e7f151378d445b0016e84759d0cd127850db84a43f2cfdf999c9179a
- SSDEEP
  
  49152:JgyPEqB/PoMxiIW+yTP3dNWLRm9jaRrCRVNgYzuRbHrQS6qU70Eo6k:JgyPEbMxiIW+yTPd8/cg6qUL4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2