20bee61f6fed1c98754ffbd7debf7ed4d3f7ecff33277761006f1bf83dcf9f12 | Triage

Sharing

General

Target

20bee61f6fed1c98754ffbd7debf7ed4d3f7ecff33277761006f1bf83dcf9f12.exe
Size

20KB
Sample

241121-lhklrs1kdt
MD5

61fe00f3330bf6cb21eae87a60cd0309
SHA1

f56385c05594c4471652ceb0e40950f7bf3b60cc
SHA256

20bee61f6fed1c98754ffbd7debf7ed4d3f7ecff33277761006f1bf83dcf9f12
SHA512

8c2dd94954f6654fcccf09aaca41c9e215bfe510bf5389648199323075f719d3cf84930888d18e8fec690aea73048e86b3bd0ae893631003635b79e0d9c8f56c
SSDEEP

384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlOS:hDXWipuE+K3/SSHgxmlb

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  20bee61f6fed1c98754ffbd7debf7ed4d3f7ecff33277761006f1bf83dcf9f12.exe
- Size
  
  20KB
- MD5
  
  61fe00f3330bf6cb21eae87a60cd0309
- SHA1
  
  f56385c05594c4471652ceb0e40950f7bf3b60cc
- SHA256
  
  20bee61f6fed1c98754ffbd7debf7ed4d3f7ecff33277761006f1bf83dcf9f12
- SHA512
  
  8c2dd94954f6654fcccf09aaca41c9e215bfe510bf5389648199323075f719d3cf84930888d18e8fec690aea73048e86b3bd0ae893631003635b79e0d9c8f56c
- SSDEEP
  
  384:hdtXWiJCQxsEwvK3RpSSHuGQG2Rqm4YhYlOS:hDXWipuE+K3/SSHgxmlb
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2