ac0d0c4ad643ad2f4ceadcd3e3779087253e3ba2df87aa81319b942dfe9bca86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac0d0c4ad643ad2f4ceadcd3e3779087253e3ba2df87aa81319b942dfe9bca86
Size

184KB
Sample

221124-c68ttscb82
MD5

0a79a1dd7d412d3949149cecb89c25ca
SHA1

ff1ef42956626caf301581f18ccd1bac308e44d5
SHA256

ac0d0c4ad643ad2f4ceadcd3e3779087253e3ba2df87aa81319b942dfe9bca86
SHA512

c94145dfb1cee8473695fb71a5dff681c5cf1591791475ca8e162f9429bac96a8bd7a86cf5b5a0a4e369de9701e888baf2243b3385d95580a42ada5ace689ace
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3C:/7BSH8zUB+nGESaaRvoB7FJNndn3

Score

8^/10

Malware Config

Targets

- Target
  
  ac0d0c4ad643ad2f4ceadcd3e3779087253e3ba2df87aa81319b942dfe9bca86
- Size
  
  184KB
- MD5
  
  0a79a1dd7d412d3949149cecb89c25ca
- SHA1
  
  ff1ef42956626caf301581f18ccd1bac308e44d5
- SHA256
  
  ac0d0c4ad643ad2f4ceadcd3e3779087253e3ba2df87aa81319b942dfe9bca86
- SHA512
  
  c94145dfb1cee8473695fb71a5dff681c5cf1591791475ca8e162f9429bac96a8bd7a86cf5b5a0a4e369de9701e888baf2243b3385d95580a42ada5ace689ace
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3C:/7BSH8zUB+nGESaaRvoB7FJNndn3
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2