e2754941f323fd80781d0b1e21328d9ad06e51c9df56380855fd9cd7721c2cbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2754941f323fd80781d0b1e21328d9ad06e51c9df56380855fd9cd7721c2cbb
Size

60KB
Sample

241009-ernapaygra
MD5

4f1664e4344aabac02e14ab2be155e49
SHA1

29a62006bc9a7e9857d519e6f286f5a69ed5759e
SHA256

e2754941f323fd80781d0b1e21328d9ad06e51c9df56380855fd9cd7721c2cbb
SHA512

3cfa87fc133203051f0a04d5c9a684c5c5c6e942ca0a0f9bd4896bb66de975be37a208581653f555946d71badce849cb53519878d6d28c117c415ee1224f1c7d
SSDEEP

1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJNpsAP:ZVxkGOtEvwDpjcNP

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e2754941f323fd80781d0b1e21328d9ad06e51c9df56380855fd9cd7721c2cbb
- Size
  
  60KB
- MD5
  
  4f1664e4344aabac02e14ab2be155e49
- SHA1
  
  29a62006bc9a7e9857d519e6f286f5a69ed5759e
- SHA256
  
  e2754941f323fd80781d0b1e21328d9ad06e51c9df56380855fd9cd7721c2cbb
- SHA512
  
  3cfa87fc133203051f0a04d5c9a684c5c5c6e942ca0a0f9bd4896bb66de975be37a208581653f555946d71badce849cb53519878d6d28c117c415ee1224f1c7d
- SSDEEP
  
  1536:ZzFbxmLPWQMOtEvwDpj386Sj/WprgJNpsAP:ZVxkGOtEvwDpjcNP
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2