e066dabecd400d831259d1bb2c0e17c9c14736b1ed8c32c6c46ef2f39f974cf5 | Triage

Sharing

General

Target

e629edf7ddeea4d35859255dfc10e170N.exe
Size

1.1MB
Sample

240902-z2l6laxcmk
MD5

e629edf7ddeea4d35859255dfc10e170
SHA1

33c14a89a83e15b091fccfee0287cd0b25b53476
SHA256

e066dabecd400d831259d1bb2c0e17c9c14736b1ed8c32c6c46ef2f39f974cf5
SHA512

5c4fe84cbca1168f29e35379353e1a0f0b9858ecfc238cf0b68fdfe0b35db2f7ecac54fb26bc9d690b7c85e07c3d048cee5cf5047bf1a0e0bf4df7c4f68c28e8
SSDEEP

24576:h0W8HM9IgSFeG4VP47LtOnjhgWHeRHcoZlG4g5wDQL2DB/:h6i0cnlHeRrlG4g5ec29

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  e629edf7ddeea4d35859255dfc10e170N.exe
- Size
  
  1.1MB
- MD5
  
  e629edf7ddeea4d35859255dfc10e170
- SHA1
  
  33c14a89a83e15b091fccfee0287cd0b25b53476
- SHA256
  
  e066dabecd400d831259d1bb2c0e17c9c14736b1ed8c32c6c46ef2f39f974cf5
- SHA512
  
  5c4fe84cbca1168f29e35379353e1a0f0b9858ecfc238cf0b68fdfe0b35db2f7ecac54fb26bc9d690b7c85e07c3d048cee5cf5047bf1a0e0bf4df7c4f68c28e8
- SSDEEP
  
  24576:h0W8HM9IgSFeG4VP47LtOnjhgWHeRHcoZlG4g5wDQL2DB/:h6i0cnlHeRrlG4g5ec29
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence