f65d2e738c8a8bd8f418514223c4759c388e397621389b575a5c6d2d85532726 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f65d2e738c8a8bd8f418514223c4759c388e397621389b575a5c6d2d85532726
Size

116KB
Sample

221019-qsx23ahhe8
MD5

a21a48fb1e6e16f29181970ec2be7540
SHA1

e85b6c7f484c1647b6958ef30da2382d400a8b96
SHA256

f65d2e738c8a8bd8f418514223c4759c388e397621389b575a5c6d2d85532726
SHA512

08e3ae55a6b828ba83afb6dd8ca3d7e5242f879dd2b83df373ad7847b78703042107fe9567937b2f5c513fa0899c3ca8fc8035d2f5dbe04da8139872aab42ede
SSDEEP

3072:Yp5wMH2cdPFhNMUMq699uwiw/MFZgLgIw/fLgp9pKu:Yv3W+HMq699uwiw/knD

Score

7^/10

Malware Config

Targets

- Target
  
  f65d2e738c8a8bd8f418514223c4759c388e397621389b575a5c6d2d85532726
- Size
  
  116KB
- MD5
  
  a21a48fb1e6e16f29181970ec2be7540
- SHA1
  
  e85b6c7f484c1647b6958ef30da2382d400a8b96
- SHA256
  
  f65d2e738c8a8bd8f418514223c4759c388e397621389b575a5c6d2d85532726
- SHA512
  
  08e3ae55a6b828ba83afb6dd8ca3d7e5242f879dd2b83df373ad7847b78703042107fe9567937b2f5c513fa0899c3ca8fc8035d2f5dbe04da8139872aab42ede
- SSDEEP
  
  3072:Yp5wMH2cdPFhNMUMq699uwiw/MFZgLgIw/fLgp9pKu:Yv3W+HMq699uwiw/knD
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2