e37ecfae1168dd9d1283a74a0db8e98085bbe60c8ecf8b376ce46307102a49ec | Triage

Sharing

General

Target

e37ecfae1168dd9d1283a74a0db8e98085bbe60c8ecf8b376ce46307102a49ec.exe
Size

2.8MB
Sample

241121-esl41syare
MD5

556eca1bf420d8c4971fc8a82fe2ea61
SHA1

4d055c18b5e38ba0c0d9d0786c42cfae76a2fa44
SHA256

e37ecfae1168dd9d1283a74a0db8e98085bbe60c8ecf8b376ce46307102a49ec
SHA512

23d8b2453cec941a4613f789665a78911c93d915ddafd953f0edae763ebfcf5d890052dfcbb0e7e2cf48d17fd79e6ca3f11644de3bc4bee4908298ad60c794a2
SSDEEP

49152:+7ubbFX8AjjChwIFikm0aY3bWTMSDJytcntLk90:3x8AjjY1UfY3bWTMSDJc0

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e37ecfae1168dd9d1283a74a0db8e98085bbe60c8ecf8b376ce46307102a49ec.exe
- Size
  
  2.8MB
- MD5
  
  556eca1bf420d8c4971fc8a82fe2ea61
- SHA1
  
  4d055c18b5e38ba0c0d9d0786c42cfae76a2fa44
- SHA256
  
  e37ecfae1168dd9d1283a74a0db8e98085bbe60c8ecf8b376ce46307102a49ec
- SHA512
  
  23d8b2453cec941a4613f789665a78911c93d915ddafd953f0edae763ebfcf5d890052dfcbb0e7e2cf48d17fd79e6ca3f11644de3bc4bee4908298ad60c794a2
- SSDEEP
  
  49152:+7ubbFX8AjjChwIFikm0aY3bWTMSDJytcntLk90:3x8AjjY1UfY3bWTMSDJc0
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2