ab3b8a92c15b3f6098e1e03f759c67db9e24d11ef4e2acefdb56fcff570ad898 | Triage

Sharing

General

Target

ab3b8a92c15b3f6098e1e03f759c67db9e24d11ef4e2acefdb56fcff570ad898
Size

184KB
Sample

221107-nxwcxsgfbr
MD5

7bbc4326d3ec7c5408b3617c728b8b25
SHA1

5676580aaf32285cfdd15757e5428ff4265182c3
SHA256

ab3b8a92c15b3f6098e1e03f759c67db9e24d11ef4e2acefdb56fcff570ad898
SHA512

04203ee0988ce41b57ddd0dc8b8560871e44a8506def017659d0290476fc3b4407c0ebb8e7d4d044c8559f4241c409d07f2eecc4a2e1d1e0b70737ec23ec43bb
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3U:/7BSH8zUB+nGESaaRvoB7FJNndnF

Score

8^/10

Malware Config

Targets

- Target
  
  ab3b8a92c15b3f6098e1e03f759c67db9e24d11ef4e2acefdb56fcff570ad898
- Size
  
  184KB
- MD5
  
  7bbc4326d3ec7c5408b3617c728b8b25
- SHA1
  
  5676580aaf32285cfdd15757e5428ff4265182c3
- SHA256
  
  ab3b8a92c15b3f6098e1e03f759c67db9e24d11ef4e2acefdb56fcff570ad898
- SHA512
  
  04203ee0988ce41b57ddd0dc8b8560871e44a8506def017659d0290476fc3b4407c0ebb8e7d4d044c8559f4241c409d07f2eecc4a2e1d1e0b70737ec23ec43bb
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3U:/7BSH8zUB+nGESaaRvoB7FJNndnF
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2