22d04620e04138238b6777bbf5cfdfd2f76b629ff5ef70c41d8aff2756a48213 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bee868a3a7dd100646c3ec7da39dce97.zip
Size

10KB
Sample

240901-ef52cs1elb
MD5

b2d63dcb5007d8e8ff0d13fb1c37ba10
SHA1

9b281a775110e9cdee46a65fc40ef1783f4ee186
SHA256

22d04620e04138238b6777bbf5cfdfd2f76b629ff5ef70c41d8aff2756a48213
SHA512

0852c6e84a1fa683285d46a7d92bac20b1d20a08d5e24b4289b796ffc83aae3acf7d71e36f9226217c781a21355909e5234f394723971819f3f1263b0cb2ceeb
SSDEEP

192:E+2fJZmTolQqgT+7jORoYKrfmEfxoY1RwqviRl+8wvAwD63in:kM4Q1CPBYeuCyYCRsOin

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4eecd5d3a0a9ab0fff8883a40805b4ac9cf3f219ce641313baea80d2c8657c1b
- Size
  
  16KB
- MD5
  
  bee868a3a7dd100646c3ec7da39dce97
- SHA1
  
  6aa880a1d6bdd01b99854b8e548bbf6b9c89853b
- SHA256
  
  4eecd5d3a0a9ab0fff8883a40805b4ac9cf3f219ce641313baea80d2c8657c1b
- SHA512
  
  6bfd8eb96f0226309c7de60896098d4d263798e13632eae9c7d4e379a55d7c5bad82e859bf78e7c6c7e1fea6df9eb476447cb52cd5dafd4b90d525b3a46df052
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhayPc:hDXWipuE+K3/SSHgxZ0
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2