20ec3bec0465f43ae42fdd9a1689c7cd9290e8fd4f97eaaf7bf94decb61a09bb | Triage

Sharing

General

Target

20ec3bec0465f43ae42fdd9a1689c7cd9290e8fd4f97eaaf7bf94decb61a09bb
Size

2.3MB
Sample

240112-2y1wpagbh3
MD5

3d66b6b5f045562cfe1b082c20ccbbe7
SHA1

6f8f27f84d3c65bff09e27a5cffa354da86ce2a0
SHA256

20ec3bec0465f43ae42fdd9a1689c7cd9290e8fd4f97eaaf7bf94decb61a09bb
SHA512

36e60e5a2a373808e949624f4611718d9b6153ac97acfdf04c541eef05dce24e5f319ff78371bbd52c263e07158f39f1fc469f4900ee195584c93d6b32119839
SSDEEP

49152:anGImUnDnszjURXVNFn6YqQrzgOWUwgedfCx/z0g7+mmgc:aGInDszqzxqQ3lWXge4x/ykc

Score

7^/10

Malware Config

Targets

- Target
  
  20ec3bec0465f43ae42fdd9a1689c7cd9290e8fd4f97eaaf7bf94decb61a09bb
- Size
  
  2.3MB
- MD5
  
  3d66b6b5f045562cfe1b082c20ccbbe7
- SHA1
  
  6f8f27f84d3c65bff09e27a5cffa354da86ce2a0
- SHA256
  
  20ec3bec0465f43ae42fdd9a1689c7cd9290e8fd4f97eaaf7bf94decb61a09bb
- SHA512
  
  36e60e5a2a373808e949624f4611718d9b6153ac97acfdf04c541eef05dce24e5f319ff78371bbd52c263e07158f39f1fc469f4900ee195584c93d6b32119839
- SSDEEP
  
  49152:anGImUnDnszjURXVNFn6YqQrzgOWUwgedfCx/z0g7+mmgc:aGInDszqzxqQ3lWXge4x/ykc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2