c2eb07cf0e3a9e05603335796b2583994eda27d5e3d646090069eb6f0e1a34b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2eb07cf0e3a9e05603335796b2583994eda27d5e3d646090069eb6f0e1a34b6N
Size

526KB
Sample

241003-a7b55szapg
MD5

7f2310e3a11777ae2c4e387dc2f8cad0
SHA1

617002dae4ae35b79f49c949d0400f1339f714cc
SHA256

c2eb07cf0e3a9e05603335796b2583994eda27d5e3d646090069eb6f0e1a34b6
SHA512

081edceec5d19b7152704fb90e7514a28519047ebafc700bb2f0f8c99f4a947e7a520f40bc160d3fbaba9284b551aad4e83bc6484adbb69c044bd1f816ce1cec
SSDEEP

3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxD:wqDAwl0xPTMiR9JSSxPUKYGdodH6

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  c2eb07cf0e3a9e05603335796b2583994eda27d5e3d646090069eb6f0e1a34b6N
- Size
  
  526KB
- MD5
  
  7f2310e3a11777ae2c4e387dc2f8cad0
- SHA1
  
  617002dae4ae35b79f49c949d0400f1339f714cc
- SHA256
  
  c2eb07cf0e3a9e05603335796b2583994eda27d5e3d646090069eb6f0e1a34b6
- SHA512
  
  081edceec5d19b7152704fb90e7514a28519047ebafc700bb2f0f8c99f4a947e7a520f40bc160d3fbaba9284b551aad4e83bc6484adbb69c044bd1f816ce1cec
- SSDEEP
  
  3072:wCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxD:wqDAwl0xPTMiR9JSSxPUKYGdodH6
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2