1be8a65fbebcab9598fc3e8cb14d14db65f15c0d3cb7181652c58e0d8eb7b895 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1be8a65fbebcab9598fc3e8cb14d14db65f15c0d3cb7181652c58e0d8eb7b895
Size

33KB
Sample

240725-xza97ssepa
MD5

eb777fcc1f441512d72620d45e3256cd
SHA1

738738eb684a3eef4eb4cccfe8455ba21ae0efa4
SHA256

1be8a65fbebcab9598fc3e8cb14d14db65f15c0d3cb7181652c58e0d8eb7b895
SHA512

f5d8f3d6201cdba8662056db1dba78314f18b72184d72f9fb4b5acd3122870bedae8dcae30ec7ed3ff9a95788c6a46317de7b73761d8afbf065429915565c717
SSDEEP

384:MApc8m4e0GvQak4JI341C0abnk6hJPawbZ7Z:MApQr0GvdFJI34qTk6hJPawhZ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1be8a65fbebcab9598fc3e8cb14d14db65f15c0d3cb7181652c58e0d8eb7b895
- Size
  
  33KB
- MD5
  
  eb777fcc1f441512d72620d45e3256cd
- SHA1
  
  738738eb684a3eef4eb4cccfe8455ba21ae0efa4
- SHA256
  
  1be8a65fbebcab9598fc3e8cb14d14db65f15c0d3cb7181652c58e0d8eb7b895
- SHA512
  
  f5d8f3d6201cdba8662056db1dba78314f18b72184d72f9fb4b5acd3122870bedae8dcae30ec7ed3ff9a95788c6a46317de7b73761d8afbf065429915565c717
- SSDEEP
  
  384:MApc8m4e0GvQak4JI341C0abnk6hJPawbZ7Z:MApQr0GvdFJI34qTk6hJPawhZ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2