a88c22a7b6129aae4d27c749f6ac6e9d849a059e58ba8b22e014951322cfb183 | Triage

Sharing

General

Target

a88c22a7b6129aae4d27c749f6ac6e9d849a059e58ba8b22e014951322cfb183
Size

193KB
Sample

221029-skhcrabhb9
MD5

dd47316489e145ccf5650250c0782d1c
SHA1

387b68061c2bd47e4ae6318da8cfd8b99687c841
SHA256

a88c22a7b6129aae4d27c749f6ac6e9d849a059e58ba8b22e014951322cfb183
SHA512

634c963c579b87c4a188a5e8d3d07c7ac839d345e9ab78f1ee30f7ab0e46e68725dc04d659b8c6a44385e6dda8cde12951cf729721072aeab2c5f938d011c719
SSDEEP

6144:lRUKClejH/OpOR9UgnrJbqiK3pLpdudSROKqLWvMwpS:lCp0jH/Op7sq/5LpdU42/

Score

8^/10

Malware Config

Targets

- Target
  
  a88c22a7b6129aae4d27c749f6ac6e9d849a059e58ba8b22e014951322cfb183
- Size
  
  193KB
- MD5
  
  dd47316489e145ccf5650250c0782d1c
- SHA1
  
  387b68061c2bd47e4ae6318da8cfd8b99687c841
- SHA256
  
  a88c22a7b6129aae4d27c749f6ac6e9d849a059e58ba8b22e014951322cfb183
- SHA512
  
  634c963c579b87c4a188a5e8d3d07c7ac839d345e9ab78f1ee30f7ab0e46e68725dc04d659b8c6a44385e6dda8cde12951cf729721072aeab2c5f938d011c719
- SSDEEP
  
  6144:lRUKClejH/OpOR9UgnrJbqiK3pLpdudSROKqLWvMwpS:lCp0jH/Op7sq/5LpdU42/
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2