6429e5299fac811b70801e63249c5eb5aff46fcf2c87780b2bf57580de4499a0 | Triage

Sharing

General

Target

210108aa3ab47245b13fa0bd29ea758c.zip
Size

10KB
Sample

240903-yebkxawelg
MD5

a934c88c231d8cd5074929be4a8222bc
SHA1

5d68e866b5ffc9ccd63b1b0e3279483b2de98660
SHA256

6429e5299fac811b70801e63249c5eb5aff46fcf2c87780b2bf57580de4499a0
SHA512

2b9c93cf3e0c11477fe92b724612c120d2eb9d899e88b908f81f97740ba01c9d5abc7f8f5e8047796273b699521d6fe94033c6a165c0426b34475df8b0bb62f2
SSDEEP

192:7IXxRWDsfhSJaiUtcXkLhxGae/JNK9X9Zj0a6TsaMK333o:6RWDsfKUOChx+x8Xn6YaH334

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  36b8247ae008de2194f4c22c6c1dc5f757de951ba933ec3aa4ed7a239f283e4d
- Size
  
  16KB
- MD5
  
  210108aa3ab47245b13fa0bd29ea758c
- SHA1
  
  725805eb6515c02de3da674370cd32d0aa625554
- SHA256
  
  36b8247ae008de2194f4c22c6c1dc5f757de951ba933ec3aa4ed7a239f283e4d
- SHA512
  
  c8c662afd43187f9d657ac65e1e14191f9b9006a11a09854cb012a07d63520901eed56d195e531973ba6139ecb0c96f695663624d71806a85369f4bf6d5657cc
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhRz7:hDXWipuE+K3/SSHgx37
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2