ab650bbc4e86ff093ea6ded43fe5827138d5f5e32511ea7afe300add47a0abba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab650bbc4e86ff093ea6ded43fe5827138d5f5e32511ea7afe300add47a0abba
Size

184KB
Sample

221107-l49ssadddl
MD5

00a69af0004c48414416b36ac514573d
SHA1

3165878819221a6e014a43e40175fbf3c1d4504c
SHA256

ab650bbc4e86ff093ea6ded43fe5827138d5f5e32511ea7afe300add47a0abba
SHA512

11e676230b82680512b967fb07008ea83c48ef8ec3786837e3e0eca9cec3e5878884e5c641863b8d89ff6f3cf3a27ea19e27741904bf5d037fb800044a7e67d0
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO30:/7BSH8zUB+nGESaaRvoB7FJNndn1

Score

8^/10

Malware Config

Targets

- Target
  
  ab650bbc4e86ff093ea6ded43fe5827138d5f5e32511ea7afe300add47a0abba
- Size
  
  184KB
- MD5
  
  00a69af0004c48414416b36ac514573d
- SHA1
  
  3165878819221a6e014a43e40175fbf3c1d4504c
- SHA256
  
  ab650bbc4e86ff093ea6ded43fe5827138d5f5e32511ea7afe300add47a0abba
- SHA512
  
  11e676230b82680512b967fb07008ea83c48ef8ec3786837e3e0eca9cec3e5878884e5c641863b8d89ff6f3cf3a27ea19e27741904bf5d037fb800044a7e67d0
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO30:/7BSH8zUB+nGESaaRvoB7FJNndn1
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2