b1b45275bba39b5a42971215c172aa6ce38d5cac9bd7c5824814844d6aeb9d4a | Triage

Sharing

General

Target

b1b45275bba39b5a42971215c172aa6ce38d5cac9bd7c5824814844d6aeb9d4a
Size

86KB
Sample

221106-vkmzcacde7
MD5

0d03baaedd6bd4e5a0151ad70353f660
SHA1

464e4f0ce556905fa448a9bb16684eaaaa61286d
SHA256

b1b45275bba39b5a42971215c172aa6ce38d5cac9bd7c5824814844d6aeb9d4a
SHA512

f2c6dcf9895ed657e84973e912117e1ed02248ba5e35aff67b28241ed4533ddacce5e55f63bf917eb197bac27740051d5fe5f65bde3721c90ca7de44bcb2e53a
SSDEEP

1536:v/E/8FZigTqltnSe+L6ZtTqI1Rfkq4ZAczYPpwk5UrT2sC:vckDigT6SBCt71RfkqXlUn2s

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  b1b45275bba39b5a42971215c172aa6ce38d5cac9bd7c5824814844d6aeb9d4a
- Size
  
  86KB
- MD5
  
  0d03baaedd6bd4e5a0151ad70353f660
- SHA1
  
  464e4f0ce556905fa448a9bb16684eaaaa61286d
- SHA256
  
  b1b45275bba39b5a42971215c172aa6ce38d5cac9bd7c5824814844d6aeb9d4a
- SHA512
  
  f2c6dcf9895ed657e84973e912117e1ed02248ba5e35aff67b28241ed4533ddacce5e55f63bf917eb197bac27740051d5fe5f65bde3721c90ca7de44bcb2e53a
- SSDEEP
  
  1536:v/E/8FZigTqltnSe+L6ZtTqI1Rfkq4ZAczYPpwk5UrT2sC:vckDigT6SBCt71RfkqXlUn2s
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2