99cd998a479156e669d097a7420229d2c8b7c9671b5efe1d2cedc4c0635c4637 | Triage

Sharing

General

Target

5e1b3c0da52690da1e46301d2fcb0800N.exe
Size

42KB
Sample

240726-ddekyssark
MD5

5e1b3c0da52690da1e46301d2fcb0800
SHA1

83f4f49b0cedd49f4456d435bc4eadf7e4c5d2a1
SHA256

99cd998a479156e669d097a7420229d2c8b7c9671b5efe1d2cedc4c0635c4637
SHA512

97ccc7867d958258c7882ef4cc8a5b0366717bccbd013363509c5d90f6a472e157a888ac9c22e20b0ef423e5942b3c03897444f71f52197328b05d49c6987225
SSDEEP

384:I8/JYSrFQjGezfNHP1zZYpMYUzMk9hBcecy0rtKqhMa82c7ky435/tVcOOVo:F/3ed1zZN/zoy0rt/Mdn43RvcOx

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5e1b3c0da52690da1e46301d2fcb0800N.exe
- Size
  
  42KB
- MD5
  
  5e1b3c0da52690da1e46301d2fcb0800
- SHA1
  
  83f4f49b0cedd49f4456d435bc4eadf7e4c5d2a1
- SHA256
  
  99cd998a479156e669d097a7420229d2c8b7c9671b5efe1d2cedc4c0635c4637
- SHA512
  
  97ccc7867d958258c7882ef4cc8a5b0366717bccbd013363509c5d90f6a472e157a888ac9c22e20b0ef423e5942b3c03897444f71f52197328b05d49c6987225
- SSDEEP
  
  384:I8/JYSrFQjGezfNHP1zZYpMYUzMk9hBcecy0rtKqhMa82c7ky435/tVcOOVo:F/3ed1zZN/zoy0rt/Mdn43RvcOx
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2