abba6e43917548cfe0747f7f63fa54f09e19e961f0777ecba528bb3f1e3f5459 | Triage

Sharing

General

Target

abba6e43917548cfe0747f7f63fa54f09e19e961f0777ecba528bb3f1e3f5459
Size

184KB
Sample

221107-ht9s9affdp
MD5

5a33f88d9a0dba67419bb6ce20b4db72
SHA1

bc585e4cf5155619b0e591ab11f56570d43244a3
SHA256

abba6e43917548cfe0747f7f63fa54f09e19e961f0777ecba528bb3f1e3f5459
SHA512

b0bdb971490b90d6e1035ab68149609745bbdadb89eb22605e616c1db5256394c0f42e533ad57bdf56cd791c10c6804e9f9596873e22e81f93a3be8a630b2001
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO37:/7BSH8zUB+nGESaaRvoB7FJNndny

Score

8^/10

Malware Config

Targets

- Target
  
  abba6e43917548cfe0747f7f63fa54f09e19e961f0777ecba528bb3f1e3f5459
- Size
  
  184KB
- MD5
  
  5a33f88d9a0dba67419bb6ce20b4db72
- SHA1
  
  bc585e4cf5155619b0e591ab11f56570d43244a3
- SHA256
  
  abba6e43917548cfe0747f7f63fa54f09e19e961f0777ecba528bb3f1e3f5459
- SHA512
  
  b0bdb971490b90d6e1035ab68149609745bbdadb89eb22605e616c1db5256394c0f42e533ad57bdf56cd791c10c6804e9f9596873e22e81f93a3be8a630b2001
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO37:/7BSH8zUB+nGESaaRvoB7FJNndny
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2