acff5de4adf00020b2e4d1b4b898e4a2a43c22b4f398630fd45d0bfba48208dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

acff5de4adf00020b2e4d1b4b898e4a2a43c22b4f398630fd45d0bfba48208dc
Size

184KB
Sample

221128-hc6p9scf63
MD5

51028ba4650afbe5747392e988f84fb6
SHA1

ca089c310218e272e09985f7f6eefb37f7d349d2
SHA256

acff5de4adf00020b2e4d1b4b898e4a2a43c22b4f398630fd45d0bfba48208dc
SHA512

5ad9ade0be112b1fb5eba1ea0bbb9bf3f5533e6b79f0b4bd40675b61ef8c59c91a2266f0f5154d025e392099ea2e127621fee054a0638e99fdd1547fb860508b
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO35:/7BSH8zUB+nGESaaRvoB7FJNndnU

Score

8^/10

Malware Config

Targets

- Target
  
  acff5de4adf00020b2e4d1b4b898e4a2a43c22b4f398630fd45d0bfba48208dc
- Size
  
  184KB
- MD5
  
  51028ba4650afbe5747392e988f84fb6
- SHA1
  
  ca089c310218e272e09985f7f6eefb37f7d349d2
- SHA256
  
  acff5de4adf00020b2e4d1b4b898e4a2a43c22b4f398630fd45d0bfba48208dc
- SHA512
  
  5ad9ade0be112b1fb5eba1ea0bbb9bf3f5533e6b79f0b4bd40675b61ef8c59c91a2266f0f5154d025e392099ea2e127621fee054a0638e99fdd1547fb860508b
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO35:/7BSH8zUB+nGESaaRvoB7FJNndnU
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2