3edf3f59075b85db9196de07fa00903bccb90cb6bf576a6f7501264b23ffd3b3 | Triage

Sharing

General

Target

3edf3f59075b85db9196de07fa00903bccb90cb6bf576a6f7501264b23ffd3b3
Size

1.1MB
Sample

240530-zegmlaag59
MD5

c304d3d5061d72d4b4afd4e855e40cc1
SHA1

257437f98910d6ba849d580cd4d2ea9b0a6af4a7
SHA256

3edf3f59075b85db9196de07fa00903bccb90cb6bf576a6f7501264b23ffd3b3
SHA512

6b7799538163cb3dfb7a39155c19734734e884315455ed764f2bbb95b6c78e7d91413be040c205f438facd07cf94fe9f4450590282ea1365753ca2e8718cb39d
SSDEEP

24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QT:acallSllG4ZM7QzMU

Score

7^/10

Malware Config

Targets

- Target
  
  3edf3f59075b85db9196de07fa00903bccb90cb6bf576a6f7501264b23ffd3b3
- Size
  
  1.1MB
- MD5
  
  c304d3d5061d72d4b4afd4e855e40cc1
- SHA1
  
  257437f98910d6ba849d580cd4d2ea9b0a6af4a7
- SHA256
  
  3edf3f59075b85db9196de07fa00903bccb90cb6bf576a6f7501264b23ffd3b3
- SHA512
  
  6b7799538163cb3dfb7a39155c19734734e884315455ed764f2bbb95b6c78e7d91413be040c205f438facd07cf94fe9f4450590282ea1365753ca2e8718cb39d
- SSDEEP
  
  24576:aH0dl8myX9Bg42QoXFkrzkmplSgRDYo0lG4Z8r7Qfbkiu5QT:acallSllG4ZM7QzMU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2