ee48bff1f8ad92ccd405b5e5c0e26eb2d6fa5b7c729a7b876ec1685b58ca4ba7 | Triage

Sharing

General

Target

ee48bff1f8ad92ccd405b5e5c0e26eb2d6fa5b7c729a7b876ec1685b58ca4ba7
Size

34KB
Sample

241018-e2wptazflk
MD5

5e96f46ff4769775868d897b0ae5b9cc
SHA1

36ff426acbce40def9329b808bc79d1d8b94e614
SHA256

ee48bff1f8ad92ccd405b5e5c0e26eb2d6fa5b7c729a7b876ec1685b58ca4ba7
SHA512

119953cbfb6f136c9ac401d872558028cb3ed1086ba61e56ebd05b018c3989b4ba709652766b14ed03fa45f219df2c8469369653f36c100db8c9e0c35625370a
SSDEEP

384:fY/7iMmQgVC+02JWuCSPmSQTebw/UqFPpF5bGwpUZyjAEbjS7DFHvY3ECjm:y12JTPRQTeZq1bUWQD1Q3nS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ee48bff1f8ad92ccd405b5e5c0e26eb2d6fa5b7c729a7b876ec1685b58ca4ba7
- Size
  
  34KB
- MD5
  
  5e96f46ff4769775868d897b0ae5b9cc
- SHA1
  
  36ff426acbce40def9329b808bc79d1d8b94e614
- SHA256
  
  ee48bff1f8ad92ccd405b5e5c0e26eb2d6fa5b7c729a7b876ec1685b58ca4ba7
- SHA512
  
  119953cbfb6f136c9ac401d872558028cb3ed1086ba61e56ebd05b018c3989b4ba709652766b14ed03fa45f219df2c8469369653f36c100db8c9e0c35625370a
- SSDEEP
  
  384:fY/7iMmQgVC+02JWuCSPmSQTebw/UqFPpF5bGwpUZyjAEbjS7DFHvY3ECjm:y12JTPRQTeZq1bUWQD1Q3nS
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2