19c22a4ef415fc47c32bd6b351da57938c70574a2b7d223607c123743a07af9b | Triage

Sharing

General

Target

19c22a4ef415fc47c32bd6b351da57938c70574a2b7d223607c123743a07af9b
Size

227KB
Sample

221123-xq2e2aag3t
MD5

a6bb070d438a766d4966ce5ff0a57e0d
SHA1

38daa2d784f17e3f1046c246bca874698ab65e9c
SHA256

19c22a4ef415fc47c32bd6b351da57938c70574a2b7d223607c123743a07af9b
SHA512

8a9757daad0c9456118f10b19cd5910f0b90391da02271a4cd11b2c159a3d1c16a7d6e2181178284f00358294397b9db4479a016aacc83ddc52606c5a9b163cc
SSDEEP

6144:+9o7tHiKg02IwLgnIgRdS6rxKJksoddmwEVT9:6AHiKgHUd9xKJkuz9

Score

8^/10

Malware Config

Targets

- Target
  
  19c22a4ef415fc47c32bd6b351da57938c70574a2b7d223607c123743a07af9b
- Size
  
  227KB
- MD5
  
  a6bb070d438a766d4966ce5ff0a57e0d
- SHA1
  
  38daa2d784f17e3f1046c246bca874698ab65e9c
- SHA256
  
  19c22a4ef415fc47c32bd6b351da57938c70574a2b7d223607c123743a07af9b
- SHA512
  
  8a9757daad0c9456118f10b19cd5910f0b90391da02271a4cd11b2c159a3d1c16a7d6e2181178284f00358294397b9db4479a016aacc83ddc52606c5a9b163cc
- SSDEEP
  
  6144:+9o7tHiKg02IwLgnIgRdS6rxKJksoddmwEVT9:6AHiKgHUd9xKJkuz9
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2