ceea81648a17db98d27d47dd227a4c3576ba878396b3f2debb6326befdec710c | Triage

Sharing

General

Target

ceea81648a17db98d27d47dd227a4c3576ba878396b3f2debb6326befdec710c
Size

525KB
Sample

240313-3hb33aeg35
MD5

590c7bcb9c98a5ede6c37b0bc45966aa
SHA1

6cf93045506852832ce3cd88b0fee83c1f164f71
SHA256

ceea81648a17db98d27d47dd227a4c3576ba878396b3f2debb6326befdec710c
SHA512

845f4672654fa56f92e4b62d1ad2cf902f6b10664183b67ccce99495ecbf439447bd51d617f3108ce37c15749982b4762d3ef80c60155ba4e3978b15fd9a1182
SSDEEP

3072:cCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxA:cqDAwl0xPTMiR9JSSxPUKYGdodH1

Score

7^/10

Malware Config

Targets

- Target
  
  ceea81648a17db98d27d47dd227a4c3576ba878396b3f2debb6326befdec710c
- Size
  
  525KB
- MD5
  
  590c7bcb9c98a5ede6c37b0bc45966aa
- SHA1
  
  6cf93045506852832ce3cd88b0fee83c1f164f71
- SHA256
  
  ceea81648a17db98d27d47dd227a4c3576ba878396b3f2debb6326befdec710c
- SHA512
  
  845f4672654fa56f92e4b62d1ad2cf902f6b10664183b67ccce99495ecbf439447bd51d617f3108ce37c15749982b4762d3ef80c60155ba4e3978b15fd9a1182
- SSDEEP
  
  3072:cCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxA:cqDAwl0xPTMiR9JSSxPUKYGdodH1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2