abec408981040cde903a16402592414283a4f1c20ccc08c3d994220ac1b3fc87 | Triage

Sharing

General

Target

abec408981040cde903a16402592414283a4f1c20ccc08c3d994220ac1b3fc87
Size

184KB
Sample

221124-el73xaga23
MD5

4e1fd28fed3fde03c9c451c3800b22c2
SHA1

25236ec5dde27fe08041d33a868f088c0ca88088
SHA256

abec408981040cde903a16402592414283a4f1c20ccc08c3d994220ac1b3fc87
SHA512

ba33f7281b0c8132533de8a1ae3f95e3d37330eb228927d5dd2f3ae3532c04a85f2ec64470d3a48020def1e72b18b27fc1c29ba0fafb21ab02b9e5acb1b09792
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Vc:/7BSH8zUB+nGESaaRvoB7FJNndnMc

Score

8^/10

Malware Config

Targets

- Target
  
  abec408981040cde903a16402592414283a4f1c20ccc08c3d994220ac1b3fc87
- Size
  
  184KB
- MD5
  
  4e1fd28fed3fde03c9c451c3800b22c2
- SHA1
  
  25236ec5dde27fe08041d33a868f088c0ca88088
- SHA256
  
  abec408981040cde903a16402592414283a4f1c20ccc08c3d994220ac1b3fc87
- SHA512
  
  ba33f7281b0c8132533de8a1ae3f95e3d37330eb228927d5dd2f3ae3532c04a85f2ec64470d3a48020def1e72b18b27fc1c29ba0fafb21ab02b9e5acb1b09792
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Vc:/7BSH8zUB+nGESaaRvoB7FJNndnMc
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2