abcfbb8fbd5362638de2cdc33077f619f44a2a69b7e9fe1073646e16c3442d2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abcfbb8fbd5362638de2cdc33077f619f44a2a69b7e9fe1073646e16c3442d2a
Size

184KB
Sample

221107-gz8mpseccq
MD5

0527c4e3b9a7968c3e23262ee05b92fa
SHA1

b84242311ae4e75f402bbb5c4568204c668304e2
SHA256

abcfbb8fbd5362638de2cdc33077f619f44a2a69b7e9fe1073646e16c3442d2a
SHA512

901be5cc3ba7a96ad31041375b3714564629f8999dafe99ddd77df96626fb98b08cf8b55e99376976dc7988f3d2aba947508629518c4d04ae5285aa1fd527899
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3X:/7BSH8zUB+nGESaaRvoB7FJNndny

Score

8^/10

Malware Config

Targets

- Target
  
  abcfbb8fbd5362638de2cdc33077f619f44a2a69b7e9fe1073646e16c3442d2a
- Size
  
  184KB
- MD5
  
  0527c4e3b9a7968c3e23262ee05b92fa
- SHA1
  
  b84242311ae4e75f402bbb5c4568204c668304e2
- SHA256
  
  abcfbb8fbd5362638de2cdc33077f619f44a2a69b7e9fe1073646e16c3442d2a
- SHA512
  
  901be5cc3ba7a96ad31041375b3714564629f8999dafe99ddd77df96626fb98b08cf8b55e99376976dc7988f3d2aba947508629518c4d04ae5285aa1fd527899
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3X:/7BSH8zUB+nGESaaRvoB7FJNndny
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2