28d165b1147d54da0db534b2f58760dfc3372c979e84d7dda0d5b691d582d5c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28d165b1147d54da0db534b2f58760dfc3372c979e84d7dda0d5b691d582d5c3
Size

80KB
Sample

221020-b423tshbe2
MD5

814a5b02822b41a2a9c5a85a10cf8850
SHA1

b9ec2d48ea81842e0a5a4015bb2c47aedbddc43c
SHA256

28d165b1147d54da0db534b2f58760dfc3372c979e84d7dda0d5b691d582d5c3
SHA512

02be606a7f0f5578c93a82920f37b9b567175b646d086bd02201d67e63bda12db50369dd5cfc742c22fe9ead0e00618a266f872c934c312dd3f95690a1fcdc0f
SSDEEP

1536:2BSFGAux6YdpL6N/8ddLcbuDtlbnhhrVPgOkK5GlXBIBAm7pF:kRAB+LcAtlbhhrVPgOkK5GlXBIBf77

Score

7^/10

Malware Config

Targets

- Target
  
  28d165b1147d54da0db534b2f58760dfc3372c979e84d7dda0d5b691d582d5c3
- Size
  
  80KB
- MD5
  
  814a5b02822b41a2a9c5a85a10cf8850
- SHA1
  
  b9ec2d48ea81842e0a5a4015bb2c47aedbddc43c
- SHA256
  
  28d165b1147d54da0db534b2f58760dfc3372c979e84d7dda0d5b691d582d5c3
- SHA512
  
  02be606a7f0f5578c93a82920f37b9b567175b646d086bd02201d67e63bda12db50369dd5cfc742c22fe9ead0e00618a266f872c934c312dd3f95690a1fcdc0f
- SSDEEP
  
  1536:2BSFGAux6YdpL6N/8ddLcbuDtlbnhhrVPgOkK5GlXBIBAm7pF:kRAB+LcAtlbhhrVPgOkK5GlXBIBf77
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2