a94580c60e3a7fefc2531251d3920959baf0f837974a5b1839811cfe0e100513 | Triage

Sharing

General

Target

a94580c60e3a7fefc2531251d3920959baf0f837974a5b1839811cfe0e100513
Size

762KB
Sample

221123-w3g2gsgf4v
MD5

5248363663a3870aaf804f823a8c16ba
SHA1

addd9ab47d25f829bbc461d841d63a377fbf0589
SHA256

a94580c60e3a7fefc2531251d3920959baf0f837974a5b1839811cfe0e100513
SHA512

c1a0aa2e693605be8dc4c6961a2a03c5cb46d54545f4c2ed9b81720a6f2b6cc3b66a54ededa4a9800f673d01a853c8fa7b34de6618e49dbc7c365e825b293aeb
SSDEEP

12288:8AHiKgH2vkEg4qQ49lzWK134AR0WuYGM7wxa9f:8ACK3JAWK13nuW1Au

Score

8^/10

Malware Config

Targets

- Target
  
  a94580c60e3a7fefc2531251d3920959baf0f837974a5b1839811cfe0e100513
- Size
  
  762KB
- MD5
  
  5248363663a3870aaf804f823a8c16ba
- SHA1
  
  addd9ab47d25f829bbc461d841d63a377fbf0589
- SHA256
  
  a94580c60e3a7fefc2531251d3920959baf0f837974a5b1839811cfe0e100513
- SHA512
  
  c1a0aa2e693605be8dc4c6961a2a03c5cb46d54545f4c2ed9b81720a6f2b6cc3b66a54ededa4a9800f673d01a853c8fa7b34de6618e49dbc7c365e825b293aeb
- SSDEEP
  
  12288:8AHiKgH2vkEg4qQ49lzWK134AR0WuYGM7wxa9f:8ACK3JAWK13nuW1Au
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2