d194a288b53abe15934366c05ecaf47259e38bbbded4f56c31468aeac4ea09b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d194a288b53abe15934366c05ecaf47259e38bbbded4f56c31468aeac4ea09b9
Size

92KB
Sample

220919-g95zkacce3
MD5

ca1a82fbde7016cc7240e975cdebcce5
SHA1

143729c699748ab365e5dfcf9e9f6b1b50577ddd
SHA256

d194a288b53abe15934366c05ecaf47259e38bbbded4f56c31468aeac4ea09b9
SHA512

4d71e6022507ba42e4180d9e722606b26d5fa384200ef59ce9bcd91c34d3e9393921e5568b134c7d97f7528d44048eb1e4c5389a1693ecb4acdc32da99e43a0f
SSDEEP

1536:BawyQ/rhREElorg8/iwHdk6SzuAatLfts4V0dVnjy+Wm0eBec16j:fRborg8/bHdk6SzuAatLfts4KVnjy+Ww

Score

7^/10

Malware Config

Targets

- Target
  
  d194a288b53abe15934366c05ecaf47259e38bbbded4f56c31468aeac4ea09b9
- Size
  
  92KB
- MD5
  
  ca1a82fbde7016cc7240e975cdebcce5
- SHA1
  
  143729c699748ab365e5dfcf9e9f6b1b50577ddd
- SHA256
  
  d194a288b53abe15934366c05ecaf47259e38bbbded4f56c31468aeac4ea09b9
- SHA512
  
  4d71e6022507ba42e4180d9e722606b26d5fa384200ef59ce9bcd91c34d3e9393921e5568b134c7d97f7528d44048eb1e4c5389a1693ecb4acdc32da99e43a0f
- SSDEEP
  
  1536:BawyQ/rhREElorg8/iwHdk6SzuAatLfts4V0dVnjy+Wm0eBec16j:fRborg8/bHdk6SzuAatLfts4KVnjy+Ww
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2