2b8ca80ca776c90f02c90fd7e5f55fb29a756357bd9f55c432ab81cf65c22d5a | Triage

Sharing

General

Target

2b8ca80ca776c90f02c90fd7e5f55fb29a756357bd9f55c432ab81cf65c22d5a
Size

3KB
Sample

220615-b8gyfsbeb3
MD5

7df177b164c352ceccdab988a7ee255d
SHA1

bdfbabb0bc32ed7c40c0c0256bbf3f9a11d57bb7
SHA256

2b8ca80ca776c90f02c90fd7e5f55fb29a756357bd9f55c432ab81cf65c22d5a
SHA512

e1c1f76a0557276240fcdd3abe4ed21ea68600da0dad3ae7b82daa38e30c0382ce035aee110e62f35bb65ca80beb7c4adf569ef5619d3934817e7e4965fbb8a4

Score

8^/10

Malware Config

Targets

- Target
  
  Label_83803.txt.lnk
- Size
  
  9KB
- MD5
  
  ee4e5b2df114a4f76238a0a8b012f46c
- SHA1
  
  f082523c533b366149c2155a200bc6f7dc16ce8a
- SHA256
  
  5db9e0839d3567a3ca502874d1528d71c55fc55515efa3f2f1deaa95aea9b027
- SHA512
  
  c1262c315e4b359f7ff6175fe49f7573ebb25d0888d265b0b539fe73f5de41efa892450033b887111460cfbb4605ade8dcd2a1115884d1bb68658e0c5a4bab69
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2