b432a8afb4ebd0ea8e0e1361cbf544e15d615bd8ced4e5d092713c73c0ec3dfe | Triage

Sharing

General

Target

b432a8afb4ebd0ea8e0e1361cbf544e15d615bd8ced4e5d092713c73c0ec3dfe
Size

76KB
Sample

221126-cedvdagf8v
MD5

074608d3a13e24525700cc3e971e885b
SHA1

587a28b545ac7f626f31091a6411621b2b441dbb
SHA256

b432a8afb4ebd0ea8e0e1361cbf544e15d615bd8ced4e5d092713c73c0ec3dfe
SHA512

e7eb0aa7fbe2a71fc3bd0ed6b66ecd8396db4d613e670444723f4247f8777be6af92db9facc52b0a6a3d85b4f33dc51e342a840e51bae6ed3995eb88a5117160
SSDEEP

1536:dowd1JtPIs+I0gtAcHBqHXKmn5lUF83RIK+d:2wd1Jt7tAcHBqHXn5lUF8uK

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  b432a8afb4ebd0ea8e0e1361cbf544e15d615bd8ced4e5d092713c73c0ec3dfe
- Size
  
  76KB
- MD5
  
  074608d3a13e24525700cc3e971e885b
- SHA1
  
  587a28b545ac7f626f31091a6411621b2b441dbb
- SHA256
  
  b432a8afb4ebd0ea8e0e1361cbf544e15d615bd8ced4e5d092713c73c0ec3dfe
- SHA512
  
  e7eb0aa7fbe2a71fc3bd0ed6b66ecd8396db4d613e670444723f4247f8777be6af92db9facc52b0a6a3d85b4f33dc51e342a840e51bae6ed3995eb88a5117160
- SSDEEP
  
  1536:dowd1JtPIs+I0gtAcHBqHXKmn5lUF83RIK+d:2wd1Jt7tAcHBqHXn5lUF8uK
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2