b9e07f8183d449b39e5ff8c9612c52a079295e723a2aa4e3478d1f40fe634359 | Triage

Sharing

General

Target

b9e07f8183d449b39e5ff8c9612c52a079295e723a2aa4e3478d1f40fe634359
Size

89KB
Sample

221020-m8enwabbb9
MD5

a078955a1e58917fc512a9171d03b240
SHA1

30a0b7cef3b41fb5e336a3b4eb242180355f4e35
SHA256

b9e07f8183d449b39e5ff8c9612c52a079295e723a2aa4e3478d1f40fe634359
SHA512

470541c2febfc6f93d57b8ce9654ec3db47c486295103a9d6d0590ec7c742d99f550932ec5220cb66b37f54c6dd9b3c4c9e4e6d1180baa4bf6f1425150d110ce
SSDEEP

1536:R4LDcIXAHD533a5MQxO7LeRiAfLiJaKQzQW0xYOBJyypgmDzVqzbOrtbKX28UlcF:R6lXAN336MdMfLirkQW0/nyypkUCc6bh

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  b9e07f8183d449b39e5ff8c9612c52a079295e723a2aa4e3478d1f40fe634359
- Size
  
  89KB
- MD5
  
  a078955a1e58917fc512a9171d03b240
- SHA1
  
  30a0b7cef3b41fb5e336a3b4eb242180355f4e35
- SHA256
  
  b9e07f8183d449b39e5ff8c9612c52a079295e723a2aa4e3478d1f40fe634359
- SHA512
  
  470541c2febfc6f93d57b8ce9654ec3db47c486295103a9d6d0590ec7c742d99f550932ec5220cb66b37f54c6dd9b3c4c9e4e6d1180baa4bf6f1425150d110ce
- SSDEEP
  
  1536:R4LDcIXAHD533a5MQxO7LeRiAfLiJaKQzQW0xYOBJyypgmDzVqzbOrtbKX28UlcF:R6lXAN336MdMfLirkQW0/nyypkUCc6bh
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2