ee9ff56e5a9ca559110365355c7a9b2df16bb99064dce03e81bdd8be3d3fcfce | Triage

Sharing

General

Target

ee9ff56e5a9ca559110365355c7a9b2df16bb99064dce03e81bdd8be3d3fcfce
Size

41KB
Sample

241121-nckqpa1qd1
MD5

41c55ccc412cdc752933d3f1890801d6
SHA1

9357c4d16ad00f324b770aef5aacfde00009cebc
SHA256

ee9ff56e5a9ca559110365355c7a9b2df16bb99064dce03e81bdd8be3d3fcfce
SHA512

c153b48aa62a269a6aee7255abb85ed82dc390132d7c171171cacc93c6c2540a4e37c8f3279d57ae84f6595fbb9acddeca7b9574fdab4b2402e661a77ab2a099
SSDEEP

384:MApc8m4e0ovQak4JI341Cdabnk6hJPXA0c4:MApQr0ovdFJI34/Tk6hJPXbc4

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ee9ff56e5a9ca559110365355c7a9b2df16bb99064dce03e81bdd8be3d3fcfce
- Size
  
  41KB
- MD5
  
  41c55ccc412cdc752933d3f1890801d6
- SHA1
  
  9357c4d16ad00f324b770aef5aacfde00009cebc
- SHA256
  
  ee9ff56e5a9ca559110365355c7a9b2df16bb99064dce03e81bdd8be3d3fcfce
- SHA512
  
  c153b48aa62a269a6aee7255abb85ed82dc390132d7c171171cacc93c6c2540a4e37c8f3279d57ae84f6595fbb9acddeca7b9574fdab4b2402e661a77ab2a099
- SSDEEP
  
  384:MApc8m4e0ovQak4JI341Cdabnk6hJPXA0c4:MApQr0ovdFJI34/Tk6hJPXbc4
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2