eddb8bd1b1a8b6235b086ad446993ceee2f2e8a38076f7120c0f0392ba04b183 | Triage

Sharing

General

Target

eddb8bd1b1a8b6235b086ad446993ceee2f2e8a38076f7120c0f0392ba04b183.exe
Size

20KB
Sample

241121-krfthazeqa
MD5

0bfe5918d8510780af4d042381d1b749
SHA1

4730839306fcce64c07a2493ad176f2c2c922f0f
SHA256

eddb8bd1b1a8b6235b086ad446993ceee2f2e8a38076f7120c0f0392ba04b183
SHA512

e77fd67966cbc17c42b2f45a6d513fa09d5558a50eb156f21d364d4b8297e3fdead965858ef8b5d3fc5d8004ac36be132194062ed47d2c2cce1053bdc031bc28
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4c:hDXWipuE+K3/SSHgxmHZc

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eddb8bd1b1a8b6235b086ad446993ceee2f2e8a38076f7120c0f0392ba04b183.exe
- Size
  
  20KB
- MD5
  
  0bfe5918d8510780af4d042381d1b749
- SHA1
  
  4730839306fcce64c07a2493ad176f2c2c922f0f
- SHA256
  
  eddb8bd1b1a8b6235b086ad446993ceee2f2e8a38076f7120c0f0392ba04b183
- SHA512
  
  e77fd67966cbc17c42b2f45a6d513fa09d5558a50eb156f21d364d4b8297e3fdead965858ef8b5d3fc5d8004ac36be132194062ed47d2c2cce1053bdc031bc28
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYQMx+L4c:hDXWipuE+K3/SSHgxmHZc
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2