ee2b65b994664f7608df6e36f47e3e566e933d60675385bdc096d320559cda72 | Triage

Sharing

General

Target

ee2b65b994664f7608df6e36f47e3e566e933d60675385bdc096d320559cda72
Size

38KB
Sample

240611-fes6vavdkb
MD5

c3d93e16a9f7c75d24f6b32b8978a6cb
SHA1

f1606df1411d362958113c3501ecce7a1e41f3bc
SHA256

ee2b65b994664f7608df6e36f47e3e566e933d60675385bdc096d320559cda72
SHA512

fab400d0d3919718abebf1b4699bc9b6e0e83c2c8bfc8695c0fb7c7fa83dad3f3a1e4bc4aeee93593a99f3241b2fe20abdc66bb0d30f62791c8427c2c9bee257
SSDEEP

384:U4H4zrETIlpaYv696tOLq0DeeqVsdEQktgDj5ggAAXo2ZhfuXlKNqIC13g0kau:/YzEI7aYv6N3a5smptK5VX1/fAgQk

Score

7^/10

Malware Config

Targets

- Target
  
  ee2b65b994664f7608df6e36f47e3e566e933d60675385bdc096d320559cda72
- Size
  
  38KB
- MD5
  
  c3d93e16a9f7c75d24f6b32b8978a6cb
- SHA1
  
  f1606df1411d362958113c3501ecce7a1e41f3bc
- SHA256
  
  ee2b65b994664f7608df6e36f47e3e566e933d60675385bdc096d320559cda72
- SHA512
  
  fab400d0d3919718abebf1b4699bc9b6e0e83c2c8bfc8695c0fb7c7fa83dad3f3a1e4bc4aeee93593a99f3241b2fe20abdc66bb0d30f62791c8427c2c9bee257
- SSDEEP
  
  384:U4H4zrETIlpaYv696tOLq0DeeqVsdEQktgDj5ggAAXo2ZhfuXlKNqIC13g0kau:/YzEI7aYv6N3a5smptK5VX1/fAgQk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2