a362ede7810f1cf2bdee44985ecde6f4f9cd8d708f6fb8b860777c13f827c582 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db6fbe38493827534ff520df733d5927.bin
Size

31KB
Sample

240220-ekysvabc24
MD5

db6fbe38493827534ff520df733d5927
SHA1

18b5d3e1254c2f1b0a9214c56f1802a52d7e7330
SHA256

a362ede7810f1cf2bdee44985ecde6f4f9cd8d708f6fb8b860777c13f827c582
SHA512

7de0373da58239e8d45b1bf34789b75eb945cacda6c5de9214380abebfcf5ce9c78787bb2327a9e2413043db9113c02a3feb7665e67238082d8ca5c2a00eb25e
SSDEEP

384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJ/Tl+bltoGkV:bA74zYcgT/Ekd0ryfjQRSlwltYV

Score

7^/10

Malware Config

Targets

- Target
  
  db6fbe38493827534ff520df733d5927.bin
- Size
  
  31KB
- MD5
  
  db6fbe38493827534ff520df733d5927
- SHA1
  
  18b5d3e1254c2f1b0a9214c56f1802a52d7e7330
- SHA256
  
  a362ede7810f1cf2bdee44985ecde6f4f9cd8d708f6fb8b860777c13f827c582
- SHA512
  
  7de0373da58239e8d45b1bf34789b75eb945cacda6c5de9214380abebfcf5ce9c78787bb2327a9e2413043db9113c02a3feb7665e67238082d8ca5c2a00eb25e
- SSDEEP
  
  384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUr766SJ/Tl+bltoGkV:bA74zYcgT/Ekd0ryfjQRSlwltYV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2