ab9eacced44c39f7a5148cb1bda72b02660274a37f24525d78c0575f3c5fe7ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab9eacced44c39f7a5148cb1bda72b02660274a37f24525d78c0575f3c5fe7ea
Size

184KB
Sample

221107-jwcrzafah4
MD5

549cccacabf1aabd262ed482d1c58030
SHA1

95ee9e1a954bf9fb19ed21866f822f26b3e02685
SHA256

ab9eacced44c39f7a5148cb1bda72b02660274a37f24525d78c0575f3c5fe7ea
SHA512

a5355acbd1f6f55636a736e4f51bca50daca818796ce8ff09570b394d640c7d66741dfa7689cb759c5b0788835e3bb2c86973888563026048bdd45dd684b83ff
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3G:/7BSH8zUB+nGESaaRvoB7FJNndnD

Score

8^/10

Malware Config

Targets

- Target
  
  ab9eacced44c39f7a5148cb1bda72b02660274a37f24525d78c0575f3c5fe7ea
- Size
  
  184KB
- MD5
  
  549cccacabf1aabd262ed482d1c58030
- SHA1
  
  95ee9e1a954bf9fb19ed21866f822f26b3e02685
- SHA256
  
  ab9eacced44c39f7a5148cb1bda72b02660274a37f24525d78c0575f3c5fe7ea
- SHA512
  
  a5355acbd1f6f55636a736e4f51bca50daca818796ce8ff09570b394d640c7d66741dfa7689cb759c5b0788835e3bb2c86973888563026048bdd45dd684b83ff
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3G:/7BSH8zUB+nGESaaRvoB7FJNndnD
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2