ed9b43c04ef0a51af1975ef0b7163a6954ef6bc5c35417d8cf1aafd20bf51e50 | Triage

Sharing

General

Target

ed9b43c04ef0a51af1975ef0b7163a6954ef6bc5c35417d8cf1aafd20bf51e50
Size

112KB
Sample

221002-aal9vacgf6
MD5

631ad69f46fad9e7a0e1eac01a93c090
SHA1

fa11849cfd21a6f63606df9d9bb945a6cfa4a19b
SHA256

ed9b43c04ef0a51af1975ef0b7163a6954ef6bc5c35417d8cf1aafd20bf51e50
SHA512

8148f1713f5f5478d17e237f57063026240d08a0ad3cb46ff00700c6f131f81f0fd5c0df0bf0eaf42a243ab8a4d233fbbbad5e945804bb2e343b251c6b7fefdb
SSDEEP

1536:E9wrwmU/QFkQZf2LSkS+yiPmuHS/UWrUuOOJE5fiExEENYaIT827yJ:E9wSQmQJgjTHScWrUmJElxEEC77

Score

7^/10

Malware Config

Targets

- Target
  
  ed9b43c04ef0a51af1975ef0b7163a6954ef6bc5c35417d8cf1aafd20bf51e50
- Size
  
  112KB
- MD5
  
  631ad69f46fad9e7a0e1eac01a93c090
- SHA1
  
  fa11849cfd21a6f63606df9d9bb945a6cfa4a19b
- SHA256
  
  ed9b43c04ef0a51af1975ef0b7163a6954ef6bc5c35417d8cf1aafd20bf51e50
- SHA512
  
  8148f1713f5f5478d17e237f57063026240d08a0ad3cb46ff00700c6f131f81f0fd5c0df0bf0eaf42a243ab8a4d233fbbbad5e945804bb2e343b251c6b7fefdb
- SSDEEP
  
  1536:E9wrwmU/QFkQZf2LSkS+yiPmuHS/UWrUuOOJE5fiExEENYaIT827yJ:E9wSQmQJgjTHScWrUmJElxEEC77
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2