17f5da21db40adc6fa99e009e40e428fadcb2375fc40082b23e13200e6ff2bed | Triage

Sharing

General

Target

17f5da21db40adc6fa99e009e40e428fadcb2375fc40082b23e13200e6ff2bed
Size

250KB
Sample

221011-y61zwachd7
MD5

6829f61a45ab2e0b982cc946bcc9b070
SHA1

fef3874ae8dc98baf904e63d1364ebd556c77862
SHA256

17f5da21db40adc6fa99e009e40e428fadcb2375fc40082b23e13200e6ff2bed
SHA512

7ad6a9f0f2c7b8cdda3e08a6a1011b7bb084d00bdd21681856db199ba63f202a35bf144903754cea7cd543b9060ecdd8278e66f2bbcadd24bed91dc9e7526109
SSDEEP

6144:8PFDxdkc2Mf+lhjmyPFDxdkc2Mf+lhjm:UDx0hjTDx0hj

Score

7^/10

Malware Config

Targets

- Target
  
  17f5da21db40adc6fa99e009e40e428fadcb2375fc40082b23e13200e6ff2bed
- Size
  
  250KB
- MD5
  
  6829f61a45ab2e0b982cc946bcc9b070
- SHA1
  
  fef3874ae8dc98baf904e63d1364ebd556c77862
- SHA256
  
  17f5da21db40adc6fa99e009e40e428fadcb2375fc40082b23e13200e6ff2bed
- SHA512
  
  7ad6a9f0f2c7b8cdda3e08a6a1011b7bb084d00bdd21681856db199ba63f202a35bf144903754cea7cd543b9060ecdd8278e66f2bbcadd24bed91dc9e7526109
- SSDEEP
  
  6144:8PFDxdkc2Mf+lhjmyPFDxdkc2Mf+lhjm:UDx0hjTDx0hj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2