ad8a6cd5e1cddb4b505517b9adb7e6b786665386562baeb725a03d9deab1e05d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad8a6cd5e1cddb4b505517b9adb7e6b786665386562baeb725a03d9deab1e05d
Size

184KB
Sample

221128-bmkgfshd3w
MD5

49d688c5b6cc94654d9f9a98dc4df33d
SHA1

0095d1ff8a5e7af6f9a9f357c074dd0a8bad31d3
SHA256

ad8a6cd5e1cddb4b505517b9adb7e6b786665386562baeb725a03d9deab1e05d
SHA512

a1d5c20360638c41869d2430f9af62d2c39ce2cf5164d41ba50d99e04957b92a59eef08bcfcfc5d6806457dd467fcb3072cbcfe8fd303c6fac75d3b6f4f1e2de
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Q:/7BSH8zUB+nGESaaRvoB7FJNndnB

Score

8^/10

Malware Config

Targets

- Target
  
  ad8a6cd5e1cddb4b505517b9adb7e6b786665386562baeb725a03d9deab1e05d
- Size
  
  184KB
- MD5
  
  49d688c5b6cc94654d9f9a98dc4df33d
- SHA1
  
  0095d1ff8a5e7af6f9a9f357c074dd0a8bad31d3
- SHA256
  
  ad8a6cd5e1cddb4b505517b9adb7e6b786665386562baeb725a03d9deab1e05d
- SHA512
  
  a1d5c20360638c41869d2430f9af62d2c39ce2cf5164d41ba50d99e04957b92a59eef08bcfcfc5d6806457dd467fcb3072cbcfe8fd303c6fac75d3b6f4f1e2de
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3Q:/7BSH8zUB+nGESaaRvoB7FJNndnB
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2