f4df251d09797a1b69c327573b05ee9512dfb761ed11917c0939da7280291e97 | Triage

Sharing

General

Target

f4df251d09797a1b69c327573b05ee9512dfb761ed11917c0939da7280291e97
Size

242KB
Sample

221127-3awgqsbf2v
MD5

fab2d88012d051aeea33412cef4268d1
SHA1

5bf033fffbdc7ecaee45bde287e2590e5eb2babe
SHA256

f4df251d09797a1b69c327573b05ee9512dfb761ed11917c0939da7280291e97
SHA512

9c525b59e3f16c7d826dfd650da92b805019e03b23781ff9b9a2870b5893413bdfba23d8fc6bc0f2547d8b2b10e9f3b44ffdc1ae7060bf636bf42d0364fdbdf9
SSDEEP

6144:LZXBsWqsE/Ao+mv8Qv0LVmwq4FU0nN876ne4WLIM1xpYf3NuindBAUOo3UrT:NXmwRo+mv8QD4+0N460IM1xpYUi3BUH

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  f4df251d09797a1b69c327573b05ee9512dfb761ed11917c0939da7280291e97
- Size
  
  242KB
- MD5
  
  fab2d88012d051aeea33412cef4268d1
- SHA1
  
  5bf033fffbdc7ecaee45bde287e2590e5eb2babe
- SHA256
  
  f4df251d09797a1b69c327573b05ee9512dfb761ed11917c0939da7280291e97
- SHA512
  
  9c525b59e3f16c7d826dfd650da92b805019e03b23781ff9b9a2870b5893413bdfba23d8fc6bc0f2547d8b2b10e9f3b44ffdc1ae7060bf636bf42d0364fdbdf9
- SSDEEP
  
  6144:LZXBsWqsE/Ao+mv8Qv0LVmwq4FU0nN876ne4WLIM1xpYf3NuindBAUOo3UrT:NXmwRo+mv8QD4+0N460IM1xpYUi3BUH
Score

8^/10

discovery
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2