e216d05cc6aa19bd719163fec5aea3800434f0638b76df0a99c7500456e312e6 | Triage

Sharing

General

Target

e216d05cc6aa19bd719163fec5aea3800434f0638b76df0a99c7500456e312e6N
Size

37KB
Sample

241003-xecyasthlh
MD5

21b7d2eddff0f90835da16c2c64a5850
SHA1

c19252f6106071b06f215c899fb1b7741b3be9dc
SHA256

e216d05cc6aa19bd719163fec5aea3800434f0638b76df0a99c7500456e312e6
SHA512

cf03a2abb5df6164ee5366591c922e17a806327b378e1ac0906ec23831b7a6aa759cbfa6a7887df4a523f4d135da2dcafadefbf4420865dc31a768b28f809853
SSDEEP

768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLen7CDiM:ZzFbxmLPWQMOtEvwDpjLeWOM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e216d05cc6aa19bd719163fec5aea3800434f0638b76df0a99c7500456e312e6N
- Size
  
  37KB
- MD5
  
  21b7d2eddff0f90835da16c2c64a5850
- SHA1
  
  c19252f6106071b06f215c899fb1b7741b3be9dc
- SHA256
  
  e216d05cc6aa19bd719163fec5aea3800434f0638b76df0a99c7500456e312e6
- SHA512
  
  cf03a2abb5df6164ee5366591c922e17a806327b378e1ac0906ec23831b7a6aa759cbfa6a7887df4a523f4d135da2dcafadefbf4420865dc31a768b28f809853
- SSDEEP
  
  768:UEEmoQDj/xnMp+yptndwe/PWQtOOtEvwDpjLen7CDiM:ZzFbxmLPWQMOtEvwDpjLeWOM
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2