28da1f895909da7af9754a640414c68b5a788ffb87a96d48bdf6ef3078c59b2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28da1f895909da7af9754a640414c68b5a788ffb87a96d48bdf6ef3078c59b2a
Size

89KB
Sample

221004-fej8yacgdl
MD5

20d66c119dda51e51b058ddff50dc0ba
SHA1

55f8821cfe882dba8a71c0412322f9ab0e1d653b
SHA256

28da1f895909da7af9754a640414c68b5a788ffb87a96d48bdf6ef3078c59b2a
SHA512

718ba68d152af0afac6d4aba919d79f4c18305772819a6ec9aa328fd5bd21e2f39eb06eacff1ad56e458e536b082c7a904b61bc8ad48d313f52046d6f3a1327d
SSDEEP

1536:B4LDcIXdWqw4uhJvv5mRwLsDr27cqC15sxNceGh83+lf5bfjB5AOB7vTi:B6lX44O5mRhDr27cqg5KcebODjTT

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  28da1f895909da7af9754a640414c68b5a788ffb87a96d48bdf6ef3078c59b2a
- Size
  
  89KB
- MD5
  
  20d66c119dda51e51b058ddff50dc0ba
- SHA1
  
  55f8821cfe882dba8a71c0412322f9ab0e1d653b
- SHA256
  
  28da1f895909da7af9754a640414c68b5a788ffb87a96d48bdf6ef3078c59b2a
- SHA512
  
  718ba68d152af0afac6d4aba919d79f4c18305772819a6ec9aa328fd5bd21e2f39eb06eacff1ad56e458e536b082c7a904b61bc8ad48d313f52046d6f3a1327d
- SSDEEP
  
  1536:B4LDcIXdWqw4uhJvv5mRwLsDr27cqC15sxNceGh83+lf5bfjB5AOB7vTi:B6lX44O5mRhDr27cqg5KcebODjTT
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2