ab5f3daec37c307e4d002d7063d0423187c07e88f7c994984a96f4f5a7cac053 | Triage

Sharing

General

Target

ab5f3daec37c307e4d002d7063d0423187c07e88f7c994984a96f4f5a7cac053
Size

184KB
Sample

221107-mdk76sdhcn
MD5

84bfc8bcd738871f997f9aa4a61da090
SHA1

6ae619e0cac6aad0bf42ba104146166b61960cdc
SHA256

ab5f3daec37c307e4d002d7063d0423187c07e88f7c994984a96f4f5a7cac053
SHA512

14cb2fa3ff029591c779250871fc7ddf5ccda39754493acc72052309b665d1755b8bed32b18d0e8409f164cea3f8fac312f50f4ddf32a55c9bfcba9cf35db8b3
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3p:/7BSH8zUB+nGESaaRvoB7FJNndnk

Score

8^/10

Malware Config

Targets

- Target
  
  ab5f3daec37c307e4d002d7063d0423187c07e88f7c994984a96f4f5a7cac053
- Size
  
  184KB
- MD5
  
  84bfc8bcd738871f997f9aa4a61da090
- SHA1
  
  6ae619e0cac6aad0bf42ba104146166b61960cdc
- SHA256
  
  ab5f3daec37c307e4d002d7063d0423187c07e88f7c994984a96f4f5a7cac053
- SHA512
  
  14cb2fa3ff029591c779250871fc7ddf5ccda39754493acc72052309b665d1755b8bed32b18d0e8409f164cea3f8fac312f50f4ddf32a55c9bfcba9cf35db8b3
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3p:/7BSH8zUB+nGESaaRvoB7FJNndnk
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2