ab75e02174a4887412ab56b32f7ea055fd1ba5038d5c517b54b702a2a1c32e4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab75e02174a4887412ab56b32f7ea055fd1ba5038d5c517b54b702a2a1c32e4f
Size

184KB
Sample

221107-lfx43scbgr
MD5

1304f2db3db9598020aceaa561567606
SHA1

b8deb50f0b6cadb9b85d5e3256cbf4488792c12e
SHA256

ab75e02174a4887412ab56b32f7ea055fd1ba5038d5c517b54b702a2a1c32e4f
SHA512

3e409ae075d1b2f749acf136a61e540838cbde275f77b43f352acb5ed1dd96f2cc286cd7f765050f069359b67d6b11772f5cf781bbd93eb413412471bb04ef71
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34n:/7BSH8zUB+nGESaaRvoB7FJNndnh

Score

8^/10

Malware Config

Targets

- Target
  
  ab75e02174a4887412ab56b32f7ea055fd1ba5038d5c517b54b702a2a1c32e4f
- Size
  
  184KB
- MD5
  
  1304f2db3db9598020aceaa561567606
- SHA1
  
  b8deb50f0b6cadb9b85d5e3256cbf4488792c12e
- SHA256
  
  ab75e02174a4887412ab56b32f7ea055fd1ba5038d5c517b54b702a2a1c32e4f
- SHA512
  
  3e409ae075d1b2f749acf136a61e540838cbde275f77b43f352acb5ed1dd96f2cc286cd7f765050f069359b67d6b11772f5cf781bbd93eb413412471bb04ef71
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34n:/7BSH8zUB+nGESaaRvoB7FJNndnh
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2