0eef26a21fc40df0e49065265ae24b79cbacb88fa96ade4c6b6456ecb9e14fc0 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

EFTSL.exe

windows10-2004-x64

7

Sharing

General

Target

EFTSL.exe
Size

25.5MB
Sample

240711-x3t7gszhnk
MD5

ad1212090afd99a2522f18dbe9f06a8e
SHA1

3e6db353db803ffa49e9547e8ec75c45e927facc
SHA256

0eef26a21fc40df0e49065265ae24b79cbacb88fa96ade4c6b6456ecb9e14fc0
SHA512

c1ba8404b971cc7571f47545dc9d358067da38498c3e33b0c2125c36a9da21d432aa125c5de703e5ec25e8ce845adaac53a035585a1a5c50b8384379e10fa872
SSDEEP

393216:+zFn06pxyVdbQXxaNVXPjflDzCWAzYatXRSP3D0M9cAWfdbewnYLc2jgTEM6k4fw:+pfwn043XPJDzrluQgdP2cTlNQYMo

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

EFTSL.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  EFTSL.exe
- Size
  
  25.5MB
- MD5
  
  ad1212090afd99a2522f18dbe9f06a8e
- SHA1
  
  3e6db353db803ffa49e9547e8ec75c45e927facc
- SHA256
  
  0eef26a21fc40df0e49065265ae24b79cbacb88fa96ade4c6b6456ecb9e14fc0
- SHA512
  
  c1ba8404b971cc7571f47545dc9d358067da38498c3e33b0c2125c36a9da21d432aa125c5de703e5ec25e8ce845adaac53a035585a1a5c50b8384379e10fa872
- SSDEEP
  
  393216:+zFn06pxyVdbQXxaNVXPjflDzCWAzYatXRSP3D0M9cAWfdbewnYLc2jgTEM6k4fw:+pfwn043XPJDzrluQgdP2cTlNQYMo
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy