ad9971e6165fda10a038a65c279f3c9e2a357d5b1b6118c5178bc3e42341a48d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad9971e6165fda10a038a65c279f3c9e2a357d5b1b6118c5178bc3e42341a48d
Size

184KB
Sample

221128-ax6a8sfd7s
MD5

0be60bd3699e6771934d55c44fc0ec35
SHA1

4c7d1a76684f435bc83d6938dfaf643a39595f05
SHA256

ad9971e6165fda10a038a65c279f3c9e2a357d5b1b6118c5178bc3e42341a48d
SHA512

ae6371299e1f21e1e940a8c4b393326ec698485622ce54ad2f997f768ebd85f9b1cd1138278462a3d8d947e847bb927654a1f76dbe71be482ee5f48bfde9851c
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3p:/7BSH8zUB+nGESaaRvoB7FJNndnE

Score

8^/10

Malware Config

Targets

- Target
  
  ad9971e6165fda10a038a65c279f3c9e2a357d5b1b6118c5178bc3e42341a48d
- Size
  
  184KB
- MD5
  
  0be60bd3699e6771934d55c44fc0ec35
- SHA1
  
  4c7d1a76684f435bc83d6938dfaf643a39595f05
- SHA256
  
  ad9971e6165fda10a038a65c279f3c9e2a357d5b1b6118c5178bc3e42341a48d
- SHA512
  
  ae6371299e1f21e1e940a8c4b393326ec698485622ce54ad2f997f768ebd85f9b1cd1138278462a3d8d947e847bb927654a1f76dbe71be482ee5f48bfde9851c
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3p:/7BSH8zUB+nGESaaRvoB7FJNndnE
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2