e12e18289caaa5a9bd2d4d7b6acb59f5d5f60e824c4b4e454fb58cde0f1db10d | Triage

Sharing

General

Target

e12e18289caaa5a9bd2d4d7b6acb59f5d5f60e824c4b4e454fb58cde0f1db10d
Size

96KB
Sample

240522-devcssac4z
MD5

cf3eaace859fbe02845560114ef7b236
SHA1

52af03efca73c71d92fbec44c30132bae2ad64b7
SHA256

e12e18289caaa5a9bd2d4d7b6acb59f5d5f60e824c4b4e454fb58cde0f1db10d
SHA512

61a15abaf8b555d86fb44494a9635761063356587f4c8ee30018be0dfc61ac1d4580cc87849e3e78ed875f6cd78808367438067389d46ce86f217daa8fd6e4c7
SSDEEP

1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNgp4:V6a+pOtEvwDpjtz7

Score

7^/10

Malware Config

Targets

- Target
  
  e12e18289caaa5a9bd2d4d7b6acb59f5d5f60e824c4b4e454fb58cde0f1db10d
- Size
  
  96KB
- MD5
  
  cf3eaace859fbe02845560114ef7b236
- SHA1
  
  52af03efca73c71d92fbec44c30132bae2ad64b7
- SHA256
  
  e12e18289caaa5a9bd2d4d7b6acb59f5d5f60e824c4b4e454fb58cde0f1db10d
- SHA512
  
  61a15abaf8b555d86fb44494a9635761063356587f4c8ee30018be0dfc61ac1d4580cc87849e3e78ed875f6cd78808367438067389d46ce86f217daa8fd6e4c7
- SSDEEP
  
  1536:V6QFElP6n+gMQMOtEvwDpjQGYQbN/PKwNgp4:V6a+pOtEvwDpjtz7
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2