ab152473324e966b455a4370b974c8ca4b2d60995b075af155fbedb5930dfae0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab152473324e966b455a4370b974c8ca4b2d60995b075af155fbedb5930dfae0
Size

184KB
Sample

221107-qbfrfsbbdn
MD5

7a46258eb7e4e3ed3d2209a80ebba87d
SHA1

ae2f5ef96c65ba5ea30851df809c65108d91b601
SHA256

ab152473324e966b455a4370b974c8ca4b2d60995b075af155fbedb5930dfae0
SHA512

e871e543f7c579096f4a35b0c5f51fc55467661fd497f6fabc7a5a87bee823c670d853b4c7f35c0db85109c03fc46a14ac07fc779e48e8b281d22c7e55687826
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3q:/7BSH8zUB+nGESaaRvoB7FJNndnP

Score

8^/10

Malware Config

Targets

- Target
  
  ab152473324e966b455a4370b974c8ca4b2d60995b075af155fbedb5930dfae0
- Size
  
  184KB
- MD5
  
  7a46258eb7e4e3ed3d2209a80ebba87d
- SHA1
  
  ae2f5ef96c65ba5ea30851df809c65108d91b601
- SHA256
  
  ab152473324e966b455a4370b974c8ca4b2d60995b075af155fbedb5930dfae0
- SHA512
  
  e871e543f7c579096f4a35b0c5f51fc55467661fd497f6fabc7a5a87bee823c670d853b4c7f35c0db85109c03fc46a14ac07fc779e48e8b281d22c7e55687826
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3q:/7BSH8zUB+nGESaaRvoB7FJNndnP
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2