e1f8b00f05923dce7e47d5de0cff7c928e08dead70c11483b66bb623076c6b39 | Triage

Sharing

General

Target

e1f8b00f05923dce7e47d5de0cff7c928e08dead70c11483b66bb623076c6b39
Size

639KB
Sample

240901-bq4z9sxanf
MD5

5185850a2e9b31d47475969f77da64e5
SHA1

936da4181f4d281038b470048063479a459b21fe
SHA256

e1f8b00f05923dce7e47d5de0cff7c928e08dead70c11483b66bb623076c6b39
SHA512

fe4a3607d64f9d320e1df907280f10eac4da91141d1ab727982d4cab4194b34d2220f63a667b166ae118c0b621b02f47c354f9392ff9ee40a9d991a081bbedbb
SSDEEP

12288:qXbWzxWsXJpE04glCFZs/U+eLhuU9y02ud3Np39jJ5wJE4MsGZ4Q:dXU04Iws/09djJ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e1f8b00f05923dce7e47d5de0cff7c928e08dead70c11483b66bb623076c6b39
- Size
  
  639KB
- MD5
  
  5185850a2e9b31d47475969f77da64e5
- SHA1
  
  936da4181f4d281038b470048063479a459b21fe
- SHA256
  
  e1f8b00f05923dce7e47d5de0cff7c928e08dead70c11483b66bb623076c6b39
- SHA512
  
  fe4a3607d64f9d320e1df907280f10eac4da91141d1ab727982d4cab4194b34d2220f63a667b166ae118c0b621b02f47c354f9392ff9ee40a9d991a081bbedbb
- SSDEEP
  
  12288:qXbWzxWsXJpE04glCFZs/U+eLhuU9y02ud3Np39jJ5wJE4MsGZ4Q:dXU04Iws/09djJ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2