e99c8f424e65b14a94908bf8d1f9ecfd302c5897b93c0e13ba1a305f6e1ef8e3 | Triage

Sharing

General

Target

e99c8f424e65b14a94908bf8d1f9ecfd302c5897b93c0e13ba1a305f6e1ef8e3
Size

266KB
Sample

241130-fszksayleq
MD5

0d993b952a5fea6be4616584c592d593
SHA1

3bfdefe052b386adf1e762f727be3564eb9e0210
SHA256

e99c8f424e65b14a94908bf8d1f9ecfd302c5897b93c0e13ba1a305f6e1ef8e3
SHA512

c7da79a758c7a2cddaf9da544b12a640730808f4367a1e0bb9b77a415976611233095367040d190022661d15510113a8c17ef55172321242ff360ff6263e4345
SSDEEP

6144:Br6reu56KHY7vu1H1RBGl8TVXFeZYYbFAcbeu5Z5AxTi/Irz:gCqY721HtZeYPIpPW0/Sz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e99c8f424e65b14a94908bf8d1f9ecfd302c5897b93c0e13ba1a305f6e1ef8e3
- Size
  
  266KB
- MD5
  
  0d993b952a5fea6be4616584c592d593
- SHA1
  
  3bfdefe052b386adf1e762f727be3564eb9e0210
- SHA256
  
  e99c8f424e65b14a94908bf8d1f9ecfd302c5897b93c0e13ba1a305f6e1ef8e3
- SHA512
  
  c7da79a758c7a2cddaf9da544b12a640730808f4367a1e0bb9b77a415976611233095367040d190022661d15510113a8c17ef55172321242ff360ff6263e4345
- SSDEEP
  
  6144:Br6reu56KHY7vu1H1RBGl8TVXFeZYYbFAcbeu5Z5AxTi/Irz:gCqY721HtZeYPIpPW0/Sz
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2