01ca5eccc92df21c2caa3a2e4184214a7615d8299cf181ba1899a2162a51bbb3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01ca5eccc92df21c2caa3a2e4184214a7615d8299cf181ba1899a2162a51bbb3
Size

508KB
Sample

221020-c89h5sbbhp
MD5

808455cf8ae37e437ad9bdf077b2f870
SHA1

441aae9885ae9d80bdfe7776b0c5f73ce062286d
SHA256

01ca5eccc92df21c2caa3a2e4184214a7615d8299cf181ba1899a2162a51bbb3
SHA512

c289f0b25154f0a27810031bcb6726dade703739b8aeaf4356dee22ca88d91a122e00a596ec99b996352d5ab428979263851cfcfe20d19d98e9823d5f757c2ef
SSDEEP

12288:3foH0nueTK+pAuZLfQ67CJhaIH0n+fBKiw:CfePpLLfQ67kaqpf0iw

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  01ca5eccc92df21c2caa3a2e4184214a7615d8299cf181ba1899a2162a51bbb3
- Size
  
  508KB
- MD5
  
  808455cf8ae37e437ad9bdf077b2f870
- SHA1
  
  441aae9885ae9d80bdfe7776b0c5f73ce062286d
- SHA256
  
  01ca5eccc92df21c2caa3a2e4184214a7615d8299cf181ba1899a2162a51bbb3
- SHA512
  
  c289f0b25154f0a27810031bcb6726dade703739b8aeaf4356dee22ca88d91a122e00a596ec99b996352d5ab428979263851cfcfe20d19d98e9823d5f757c2ef
- SSDEEP
  
  12288:3foH0nueTK+pAuZLfQ67CJhaIH0n+fBKiw:CfePpLLfQ67kaqpf0iw
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2