e201e9a5c9fd3a68f54e2ada061a242df3ed813e56d2b09e2c8efc04953c2f72 | Triage

Sharing

General

Target

e201e9a5c9fd3a68f54e2ada061a242df3ed813e56d2b09e2c8efc04953c2f72
Size

208KB
Sample

241121-l6zetsvrfq
MD5

8391d3b5332c4b1164333ddce388a8c7
SHA1

b982fc92ed38565debf033b0ffaa2181a8caa5e7
SHA256

e201e9a5c9fd3a68f54e2ada061a242df3ed813e56d2b09e2c8efc04953c2f72
SHA512

f42b0ec317a534af6239ec7bfb6ff22e4e3e8abf0316b9a0666b073212f4ba6d989ddce2d40d0ea460e85b245b8637b1801bbf6ca5de9944171af3134cca2c96
SSDEEP

6144:UbqlnFfmUszBnDo8zbKTYUDRpzX4A7dnWldUTYFF9i8WnI:j6dn2TYUDRpzX4A7dnWldUTYFF9i8WnI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e201e9a5c9fd3a68f54e2ada061a242df3ed813e56d2b09e2c8efc04953c2f72
- Size
  
  208KB
- MD5
  
  8391d3b5332c4b1164333ddce388a8c7
- SHA1
  
  b982fc92ed38565debf033b0ffaa2181a8caa5e7
- SHA256
  
  e201e9a5c9fd3a68f54e2ada061a242df3ed813e56d2b09e2c8efc04953c2f72
- SHA512
  
  f42b0ec317a534af6239ec7bfb6ff22e4e3e8abf0316b9a0666b073212f4ba6d989ddce2d40d0ea460e85b245b8637b1801bbf6ca5de9944171af3134cca2c96
- SSDEEP
  
  6144:UbqlnFfmUszBnDo8zbKTYUDRpzX4A7dnWldUTYFF9i8WnI:j6dn2TYUDRpzX4A7dnWldUTYFF9i8WnI
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2