ef1cadcbc61bbce6e0a7b839e0e4935307f4b7a67088ae300720b3a27b2b95c4 | Triage

Sharing

General

Target

a3a1eb9266fe726d012f151f8f215beb
Size

2.5MB
Sample

240225-naw1yaac45
MD5

a3a1eb9266fe726d012f151f8f215beb
SHA1

d21b86ffb7ccd3badb9430aff77708e81899f180
SHA256

ef1cadcbc61bbce6e0a7b839e0e4935307f4b7a67088ae300720b3a27b2b95c4
SHA512

691b57f1609857adc124dd7ec2d7158249274607d806522b0091282c4eef71d65b964abe27176b101e68c41734671f63ea70dcdacc3187b115c27bff107feee6
SSDEEP

49152:BTTULEnhXcKk9vENby4xXjySlDkqcoi3kHCicjhUMsxTWN0Imie:uLEnhXc9ibygXj9Yhj3kiiybsxTm0ImX

Score

8^/10

Malware Config

Targets

- Target
  
  a3a1eb9266fe726d012f151f8f215beb
- Size
  
  2.5MB
- MD5
  
  a3a1eb9266fe726d012f151f8f215beb
- SHA1
  
  d21b86ffb7ccd3badb9430aff77708e81899f180
- SHA256
  
  ef1cadcbc61bbce6e0a7b839e0e4935307f4b7a67088ae300720b3a27b2b95c4
- SHA512
  
  691b57f1609857adc124dd7ec2d7158249274607d806522b0091282c4eef71d65b964abe27176b101e68c41734671f63ea70dcdacc3187b115c27bff107feee6
- SSDEEP
  
  49152:BTTULEnhXcKk9vENby4xXjySlDkqcoi3kHCicjhUMsxTWN0Imie:uLEnhXc9ibygXj9Yhj3kiiybsxTm0ImX
Score

8^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2