5ca1699f84fe6263bcf19ecff812e11ac525474e1d43e6b9adcf34ae46644815 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ca1699f84fe6263bcf19ecff812e11ac525474e1d43e6b9adcf34ae46644815
Size

88KB
Sample

221012-rv6yesfeb7
MD5

6ae67be38b377d6d6d75e874d1a77680
SHA1

ddc87c239649240ed50008158dc56d59c5c31b92
SHA256

5ca1699f84fe6263bcf19ecff812e11ac525474e1d43e6b9adcf34ae46644815
SHA512

ff3d3587224a3f246a1d4b01a237f2e7274177a398dccdf57dffe47293037e3fe3a8023fdbee2b6ce1affdc293ced415bf1479fa6048b34447885d9e9550d61d
SSDEEP

1536:pawyQ/BQrfR9PElorg8/iwHdk6SzuAatLfts4V0dVnjy+OnnUEu+cpdcbu:8R9Worg8/bHdk6SzuAatLfts4KVnjy+

Score

7^/10

Malware Config

Targets

- Target
  
  5ca1699f84fe6263bcf19ecff812e11ac525474e1d43e6b9adcf34ae46644815
- Size
  
  88KB
- MD5
  
  6ae67be38b377d6d6d75e874d1a77680
- SHA1
  
  ddc87c239649240ed50008158dc56d59c5c31b92
- SHA256
  
  5ca1699f84fe6263bcf19ecff812e11ac525474e1d43e6b9adcf34ae46644815
- SHA512
  
  ff3d3587224a3f246a1d4b01a237f2e7274177a398dccdf57dffe47293037e3fe3a8023fdbee2b6ce1affdc293ced415bf1479fa6048b34447885d9e9550d61d
- SSDEEP
  
  1536:pawyQ/BQrfR9PElorg8/iwHdk6SzuAatLfts4V0dVnjy+OnnUEu+cpdcbu:8R9Worg8/bHdk6SzuAatLfts4KVnjy+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2