ec4eaa35ae6752aa92a75e24535e4c664f81fc4b30c27e514a15de22c8fb3b1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec4eaa35ae6752aa92a75e24535e4c664f81fc4b30c27e514a15de22c8fb3b1a
Size

1.1MB
Sample

240530-zdkmvsag43
MD5

5dba4c436b7e0583f72cbd00e30b23dc
SHA1

b426da46c0d7cc66b420f7bbc97071cee7d879e8
SHA256

ec4eaa35ae6752aa92a75e24535e4c664f81fc4b30c27e514a15de22c8fb3b1a
SHA512

a8b512879b8d56196ca5a88956802d8e29b82a7123167bf244b377a3f169e3613b0e4ad55155ef9322e7100b42de929e86405a3cc56233c3b90b0f936c1e460d
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qu:acallSllG4ZM7QzMF

Score

7^/10

Malware Config

Targets

- Target
  
  ec4eaa35ae6752aa92a75e24535e4c664f81fc4b30c27e514a15de22c8fb3b1a
- Size
  
  1.1MB
- MD5
  
  5dba4c436b7e0583f72cbd00e30b23dc
- SHA1
  
  b426da46c0d7cc66b420f7bbc97071cee7d879e8
- SHA256
  
  ec4eaa35ae6752aa92a75e24535e4c664f81fc4b30c27e514a15de22c8fb3b1a
- SHA512
  
  a8b512879b8d56196ca5a88956802d8e29b82a7123167bf244b377a3f169e3613b0e4ad55155ef9322e7100b42de929e86405a3cc56233c3b90b0f936c1e460d
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5Qu:acallSllG4ZM7QzMF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2