eed70edd0bfe87f956e6c21a1b9c477da225e86555034837dd5008c5022133bf | Triage

Sharing

General

Target

eed70edd0bfe87f956e6c21a1b9c477da225e86555034837dd5008c5022133bf
Size

19KB
Sample

241121-ndgqeswlhr
MD5

a5cb05b6c6afb77568489d92bbf428e9
SHA1

e0523fab595484da19d03e9f2380ad29efed54d9
SHA256

eed70edd0bfe87f956e6c21a1b9c477da225e86555034837dd5008c5022133bf
SHA512

19d944d4511b7745d4e5a98e390d80ecd4a31b4fea91bfc5df4f44961da4b89bec413df510240d77d35fe799621e8fc286121ce13bb4f77a5a308008b9fe4bf4
SSDEEP

384:WOw2RGQfMSF+Exwp/eCSPJSQTebw/lM2s:WOZRGQftFaGPMQTeT2s

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eed70edd0bfe87f956e6c21a1b9c477da225e86555034837dd5008c5022133bf
- Size
  
  19KB
- MD5
  
  a5cb05b6c6afb77568489d92bbf428e9
- SHA1
  
  e0523fab595484da19d03e9f2380ad29efed54d9
- SHA256
  
  eed70edd0bfe87f956e6c21a1b9c477da225e86555034837dd5008c5022133bf
- SHA512
  
  19d944d4511b7745d4e5a98e390d80ecd4a31b4fea91bfc5df4f44961da4b89bec413df510240d77d35fe799621e8fc286121ce13bb4f77a5a308008b9fe4bf4
- SSDEEP
  
  384:WOw2RGQfMSF+Exwp/eCSPJSQTebw/lM2s:WOZRGQftFaGPMQTeT2s
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2