ad351441a01baea4ecc67b282cb8f81425dc1d4214a0cebba9a08b6010530b9b | Triage

Sharing

General

Target

ad351441a01baea4ecc67b282cb8f81425dc1d4214a0cebba9a08b6010530b9b
Size

184KB
Sample

221128-e9dh7sfb38
MD5

10394505b1bb8b3b0961cbf3e399509e
SHA1

d7a1f0fa82d3b96d18299213014bb4183bf39600
SHA256

ad351441a01baea4ecc67b282cb8f81425dc1d4214a0cebba9a08b6010530b9b
SHA512

cb87d18ba37ce6dad0529744655ad7a9d4f56f192649f68174f46881705deaff96c5ec8bf073d8b981e124194f16bc2bfe5496cbd816d396db800001565e9b1c
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO33:/7BSH8zUB+nGESaaRvoB7FJNndnG

Score

8^/10

Malware Config

Targets

- Target
  
  ad351441a01baea4ecc67b282cb8f81425dc1d4214a0cebba9a08b6010530b9b
- Size
  
  184KB
- MD5
  
  10394505b1bb8b3b0961cbf3e399509e
- SHA1
  
  d7a1f0fa82d3b96d18299213014bb4183bf39600
- SHA256
  
  ad351441a01baea4ecc67b282cb8f81425dc1d4214a0cebba9a08b6010530b9b
- SHA512
  
  cb87d18ba37ce6dad0529744655ad7a9d4f56f192649f68174f46881705deaff96c5ec8bf073d8b981e124194f16bc2bfe5496cbd816d396db800001565e9b1c
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO33:/7BSH8zUB+nGESaaRvoB7FJNndnG
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2