abf0998855ee335ac1ecbe6dd979e4e17ff7a9c19b759d844be88cc2dabd993e | Triage

Sharing

General

Target

abf0998855ee335ac1ecbe6dd979e4e17ff7a9c19b759d844be88cc2dabd993e
Size

184KB
Sample

221124-egrkcsag5s
MD5

63666f6f4cc01151b58d664573339a3d
SHA1

3ca96af1368a05a855b8df54c878ddc785e39cbd
SHA256

abf0998855ee335ac1ecbe6dd979e4e17ff7a9c19b759d844be88cc2dabd993e
SHA512

640a56158e789a4471c66b179475e06d56e5fffd92c42ee7e945ff1d809bb53fd389babb4005ba1bc0558c522475de547a75dffa35c77451213f534094b2f16a
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Y:/7BSH8zUB+nGESaaRvoB7FJNndnt

Score

8^/10

Malware Config

Targets

- Target
  
  abf0998855ee335ac1ecbe6dd979e4e17ff7a9c19b759d844be88cc2dabd993e
- Size
  
  184KB
- MD5
  
  63666f6f4cc01151b58d664573339a3d
- SHA1
  
  3ca96af1368a05a855b8df54c878ddc785e39cbd
- SHA256
  
  abf0998855ee335ac1ecbe6dd979e4e17ff7a9c19b759d844be88cc2dabd993e
- SHA512
  
  640a56158e789a4471c66b179475e06d56e5fffd92c42ee7e945ff1d809bb53fd389babb4005ba1bc0558c522475de547a75dffa35c77451213f534094b2f16a
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Y:/7BSH8zUB+nGESaaRvoB7FJNndnt
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2