feac0e1e2585b43e726ceea6c6f558d01e4ae8d236e00d328915392dddbed388 | Triage

Sharing

General

Target

feac0e1e2585b43e726ceea6c6f558d01e4ae8d236e00d328915392dddbed388.exe
Size

16KB
Sample

241121-hllfpatqar
MD5

c6c4a0eec4fd1bb3c516ba553c4bfaa5
SHA1

59f9ec19a4f3ea832aa9af2ff8f78752c504de7b
SHA256

feac0e1e2585b43e726ceea6c6f558d01e4ae8d236e00d328915392dddbed388
SHA512

fe43c5e3b55b6e0563b715b4a223a2796c02ea1f3225e90f6e0d3abea0b81bdcd8191a55674557ecf87b0374e59b93a205339ea511fe531ddb7ed3c873be789b
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhD8Zn:hDXWipuE+K3/SSHgxt6n

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  feac0e1e2585b43e726ceea6c6f558d01e4ae8d236e00d328915392dddbed388.exe
- Size
  
  16KB
- MD5
  
  c6c4a0eec4fd1bb3c516ba553c4bfaa5
- SHA1
  
  59f9ec19a4f3ea832aa9af2ff8f78752c504de7b
- SHA256
  
  feac0e1e2585b43e726ceea6c6f558d01e4ae8d236e00d328915392dddbed388
- SHA512
  
  fe43c5e3b55b6e0563b715b4a223a2796c02ea1f3225e90f6e0d3abea0b81bdcd8191a55674557ecf87b0374e59b93a205339ea511fe531ddb7ed3c873be789b
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhD8Zn:hDXWipuE+K3/SSHgxt6n
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2