995cadb9d5e5805724c22e3c0df6a975172c53029a3a2c6629170d6f62579940 | Triage

Sharing

General

Target

995cadb9d5e5805724c22e3c0df6a975172c53029a3a2c6629170d6f62579940
Size

1.1MB
Sample

240529-er3elsaa6s
MD5

b096071baa11d86d27bc6f95175ba977
SHA1

98bd276a266309fa8c59f87f3ab1403ff83a297e
SHA256

995cadb9d5e5805724c22e3c0df6a975172c53029a3a2c6629170d6f62579940
SHA512

b7b6c92e7d1355ffb13b3dec7d0c26d6de6e0f2c6cdafaf9655230559ba1d16ed54581d2c51dba19232aa8a122e1895352804478015e52af3d74be9fd7d8b6f1
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qw:CcaClSFlG4ZM7QzMn

Score

7^/10

Malware Config

Targets

- Target
  
  995cadb9d5e5805724c22e3c0df6a975172c53029a3a2c6629170d6f62579940
- Size
  
  1.1MB
- MD5
  
  b096071baa11d86d27bc6f95175ba977
- SHA1
  
  98bd276a266309fa8c59f87f3ab1403ff83a297e
- SHA256
  
  995cadb9d5e5805724c22e3c0df6a975172c53029a3a2c6629170d6f62579940
- SHA512
  
  b7b6c92e7d1355ffb13b3dec7d0c26d6de6e0f2c6cdafaf9655230559ba1d16ed54581d2c51dba19232aa8a122e1895352804478015e52af3d74be9fd7d8b6f1
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5Qw:CcaClSFlG4ZM7QzMn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2