02d7aebe2c4f2e7ff0f1afcc4a674c364a4eb1cdecc8a17d3edfbfc9a376c60c | Triage

Sharing

General

Target

fec2ebc49eece7d3f0104e3b19cca620N.exe
Size

279KB
Sample

240822-b6h3qssclb
MD5

fec2ebc49eece7d3f0104e3b19cca620
SHA1

6d8d9e8bbb318ad8ffb02576ea1bcbeea5e0706e
SHA256

02d7aebe2c4f2e7ff0f1afcc4a674c364a4eb1cdecc8a17d3edfbfc9a376c60c
SHA512

9c1c349d6f5a50642df36182d956a087963d116c946ecfb976b0fbc093110c3175798add138c3a87ddb45bcc730d74a95af9e88b35794486a34552d297a86d56
SSDEEP

3072:R8ERv3zZZm5c4Sq+YN95wFT0z+QadjN3rOwRXENk+Y0yFNzlUu0Vw:R8EZrm55Zt5wFwz+TdpRXENFTAkVw

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  fec2ebc49eece7d3f0104e3b19cca620N.exe
- Size
  
  279KB
- MD5
  
  fec2ebc49eece7d3f0104e3b19cca620
- SHA1
  
  6d8d9e8bbb318ad8ffb02576ea1bcbeea5e0706e
- SHA256
  
  02d7aebe2c4f2e7ff0f1afcc4a674c364a4eb1cdecc8a17d3edfbfc9a376c60c
- SHA512
  
  9c1c349d6f5a50642df36182d956a087963d116c946ecfb976b0fbc093110c3175798add138c3a87ddb45bcc730d74a95af9e88b35794486a34552d297a86d56
- SSDEEP
  
  3072:R8ERv3zZZm5c4Sq+YN95wFT0z+QadjN3rOwRXENk+Y0yFNzlUu0Vw:R8EZrm55Zt5wFwz+TdpRXENFTAkVw
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2