ef866e1c31d803576652a044b476d3bc6916cceeb4696a3281a8df161d29df63 | Triage

Sharing

General

Target

ef866e1c31d803576652a044b476d3bc6916cceeb4696a3281a8df161d29df63
Size

47KB
Sample

240919-dr8e7axhqc
MD5

a16138a49863ccc0614452905c17b81d
SHA1

6131df9e94351f4466e7479eaf6adc73c851f250
SHA256

ef866e1c31d803576652a044b476d3bc6916cceeb4696a3281a8df161d29df63
SHA512

35826bb3ac857f2744100dc00dd1e88eb45301927690c1f1722fee3686304369ee8a7bcfdf9927e4c740ad166e668eb5774e68aa7365d0081dba5a2784a6e246
SSDEEP

768:hAvJ4LSyC8aVN7bX3V0S0AVvs5I+Vr3EZN:2B4OyC8aVN7jljaQ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ef866e1c31d803576652a044b476d3bc6916cceeb4696a3281a8df161d29df63
- Size
  
  47KB
- MD5
  
  a16138a49863ccc0614452905c17b81d
- SHA1
  
  6131df9e94351f4466e7479eaf6adc73c851f250
- SHA256
  
  ef866e1c31d803576652a044b476d3bc6916cceeb4696a3281a8df161d29df63
- SHA512
  
  35826bb3ac857f2744100dc00dd1e88eb45301927690c1f1722fee3686304369ee8a7bcfdf9927e4c740ad166e668eb5774e68aa7365d0081dba5a2784a6e246
- SSDEEP
  
  768:hAvJ4LSyC8aVN7bX3V0S0AVvs5I+Vr3EZN:2B4OyC8aVN7jljaQ
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2