ce9f634a09273dae411a9424f69854bc7283ccc11dad9eacab8123ad9e1c7b97 | Triage

Sharing

General

Target

ce9f634a09273dae411a9424f69854bc7283ccc11dad9eacab8123ad9e1c7b97
Size

13.2MB
Sample

221014-yrmtpsecc3
MD5

c3c4e50eaaa96946b5f150ae8ff99d76
SHA1

affdae36916583b27cc898432dd9c1ad357800a6
SHA256

ce9f634a09273dae411a9424f69854bc7283ccc11dad9eacab8123ad9e1c7b97
SHA512

e462805b34157ea0fc01b646677bda49c539b86295f5fe5ee03f80d60bbfead4ba1b02a5526491841752a2de0cfa01fdd6a7aa5d1ba937ac448b27705a78e9ee
SSDEEP

393216:LnGDHHz+FyvwAtgVOaH0XdB4SXYNsSm+20y4BXH7:6DHHmyvwA2b4B4i0Z

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  ce9f634a09273dae411a9424f69854bc7283ccc11dad9eacab8123ad9e1c7b97
- Size
  
  13.2MB
- MD5
  
  c3c4e50eaaa96946b5f150ae8ff99d76
- SHA1
  
  affdae36916583b27cc898432dd9c1ad357800a6
- SHA256
  
  ce9f634a09273dae411a9424f69854bc7283ccc11dad9eacab8123ad9e1c7b97
- SHA512
  
  e462805b34157ea0fc01b646677bda49c539b86295f5fe5ee03f80d60bbfead4ba1b02a5526491841752a2de0cfa01fdd6a7aa5d1ba937ac448b27705a78e9ee
- SSDEEP
  
  393216:LnGDHHz+FyvwAtgVOaH0XdB4SXYNsSm+20y4BXH7:6DHHmyvwA2b4B4i0Z
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2