acf9c25c2f288f06400af47a6c0aceb88327f1199064dc946ec2fe61e6398648 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

acf9c25c2f288f06400af47a6c0aceb88327f1199064dc946ec2fe61e6398648
Size

184KB
Sample

221128-hlb71shd2y
MD5

0155a16fc167782d44cb2ce275deade0
SHA1

65ce3225731029ff6097048df2f339cd8619e29b
SHA256

acf9c25c2f288f06400af47a6c0aceb88327f1199064dc946ec2fe61e6398648
SHA512

f8a0f1a767b70395278ade2d1dd5c2dda86c8bb7e246baffd2142a6ce820b3bb32ad8534e71fdb461a24dc2673e4177adf751e418514cb5e355ca438efa893b9
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3D:/7BSH8zUB+nGESaaRvoB7FJNndnO

Score

8^/10

Malware Config

Targets

- Target
  
  acf9c25c2f288f06400af47a6c0aceb88327f1199064dc946ec2fe61e6398648
- Size
  
  184KB
- MD5
  
  0155a16fc167782d44cb2ce275deade0
- SHA1
  
  65ce3225731029ff6097048df2f339cd8619e29b
- SHA256
  
  acf9c25c2f288f06400af47a6c0aceb88327f1199064dc946ec2fe61e6398648
- SHA512
  
  f8a0f1a767b70395278ade2d1dd5c2dda86c8bb7e246baffd2142a6ce820b3bb32ad8534e71fdb461a24dc2673e4177adf751e418514cb5e355ca438efa893b9
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3D:/7BSH8zUB+nGESaaRvoB7FJNndnO
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2