eb0df82ec1659643bcb78825bde48200f4c1d62aa06f716053308e4add871fc2 | Triage

Sharing

General

Target

eb0df82ec1659643bcb78825bde48200f4c1d62aa06f716053308e4add871fc2
Size

1.1MB
Sample

240908-w47zasshkb
MD5

6bf0110e18a89eac753d69d2bdf06f75
SHA1

3ad72b53837cc93b9ab5e8a39ae228f9e6c1f98e
SHA256

eb0df82ec1659643bcb78825bde48200f4c1d62aa06f716053308e4add871fc2
SHA512

50bfb517a7e1520aca633e58e2cedda43366fa79d3b7e8d4fe21e088993323e801a1b0ed3176a77f7764f4ee56b2700e55a54823980d6cb3729e3fd1d9b64b9d
SSDEEP

24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5QA:CcaClSFlG4ZM7QzM3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eb0df82ec1659643bcb78825bde48200f4c1d62aa06f716053308e4add871fc2
- Size
  
  1.1MB
- MD5
  
  6bf0110e18a89eac753d69d2bdf06f75
- SHA1
  
  3ad72b53837cc93b9ab5e8a39ae228f9e6c1f98e
- SHA256
  
  eb0df82ec1659643bcb78825bde48200f4c1d62aa06f716053308e4add871fc2
- SHA512
  
  50bfb517a7e1520aca633e58e2cedda43366fa79d3b7e8d4fe21e088993323e801a1b0ed3176a77f7764f4ee56b2700e55a54823980d6cb3729e3fd1d9b64b9d
- SSDEEP
  
  24576:CH0dl8myX9Bg42QoXFkrzkmmlSgRDko0lG4Z8r7Qfbkiu5QA:CcaClSFlG4ZM7QzM3
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2