1631556e72b6f79050184dbe7e3035330d2c5d4aafe397e94c4ab338399298de | Triage

Sharing

General

Target

1631556e72b6f79050184dbe7e3035330d2c5d4aafe397e94c4ab338399298de
Size

40KB
Sample

221123-tbeqyagf5t
MD5

4381dbe0950ef96e6aa1bafba7c02b00
SHA1

fc8746dbed5980eaca2bd4f9a9c71fcb73924090
SHA256

1631556e72b6f79050184dbe7e3035330d2c5d4aafe397e94c4ab338399298de
SHA512

b1562376cc78363ab383620c9fcc7ec2bbe2166c78665b0532b9070a612b4bb473e3fdac643c7dda85604faeaf00012b26b5d4431eb0679cb24eae1d67686d0d
SSDEEP

384:LFSKl3cRVsTtTuTtP4tx+t+88THpN+iQkjnRkcWBBobIiN5xeiuP9zl6l+Zcijrh:B6RVsxqt+dVnKnQTxgZbcS8Jcki

Score

7^/10

Malware Config

Targets

- Target
  
  1631556e72b6f79050184dbe7e3035330d2c5d4aafe397e94c4ab338399298de
- Size
  
  40KB
- MD5
  
  4381dbe0950ef96e6aa1bafba7c02b00
- SHA1
  
  fc8746dbed5980eaca2bd4f9a9c71fcb73924090
- SHA256
  
  1631556e72b6f79050184dbe7e3035330d2c5d4aafe397e94c4ab338399298de
- SHA512
  
  b1562376cc78363ab383620c9fcc7ec2bbe2166c78665b0532b9070a612b4bb473e3fdac643c7dda85604faeaf00012b26b5d4431eb0679cb24eae1d67686d0d
- SSDEEP
  
  384:LFSKl3cRVsTtTuTtP4tx+t+88THpN+iQkjnRkcWBBobIiN5xeiuP9zl6l+Zcijrh:B6RVsxqt+dVnKnQTxgZbcS8Jcki
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2