be1644f29f6b46e0ed8aaaa322d4e1f06b326681c85b13ecafeacc42e3db3398 | Triage

Sharing

General

Target

be1644f29f6b46e0ed8aaaa322d4e1f06b326681c85b13ecafeacc42e3db3398
Size

116KB
Sample

221011-yxyhdscehn
MD5

4d9fe0980d4998fe5eee073b99507380
SHA1

cd06499d3e1b76dcc6e305761ff01bb7ba6bd850
SHA256

be1644f29f6b46e0ed8aaaa322d4e1f06b326681c85b13ecafeacc42e3db3398
SHA512

068b65027402ddaff192c86707a140a8fe8f49ee62cc21d6c1906abde1b79255a7a002555dde98181fe704b91a77af85f1e0d40238831d496c27ccdedc326451
SSDEEP

3072:tCKjcSg3g7ERvFb4Jl8DNGOnvXSziI3TkBuGAc8Yhmix:tCcedvFb4JlKNGs+iUTk4WZhD

Score

7^/10

Malware Config

Targets

- Target
  
  be1644f29f6b46e0ed8aaaa322d4e1f06b326681c85b13ecafeacc42e3db3398
- Size
  
  116KB
- MD5
  
  4d9fe0980d4998fe5eee073b99507380
- SHA1
  
  cd06499d3e1b76dcc6e305761ff01bb7ba6bd850
- SHA256
  
  be1644f29f6b46e0ed8aaaa322d4e1f06b326681c85b13ecafeacc42e3db3398
- SHA512
  
  068b65027402ddaff192c86707a140a8fe8f49ee62cc21d6c1906abde1b79255a7a002555dde98181fe704b91a77af85f1e0d40238831d496c27ccdedc326451
- SSDEEP
  
  3072:tCKjcSg3g7ERvFb4Jl8DNGOnvXSziI3TkBuGAc8Yhmix:tCcedvFb4JlKNGs+iUTk4WZhD
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2