acdada24e0f05ca8bb0240a0e4e4a6339d5776d0a82f24a35910dfbe3612e47a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

acdada24e0f05ca8bb0240a0e4e4a6339d5776d0a82f24a35910dfbe3612e47a
Size

184KB
Sample

221128-jrbn4scd3t
MD5

80e582a055375bf3d51ef514765b91c8
SHA1

5e154f02ba837221f79000bc232e405318eab091
SHA256

acdada24e0f05ca8bb0240a0e4e4a6339d5776d0a82f24a35910dfbe3612e47a
SHA512

a1d73dbfb7815b001c0d9c943e51e9db9a8b9aa51f7ac6faa0afa1f70b63dc9271782fc1f1313ca00c4325502cd921ae31baaf716cfd68355cd5bce5bf9b0c33
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3H:/7BSH8zUB+nGESaaRvoB7FJNndn6

Score

8^/10

Malware Config

Targets

- Target
  
  acdada24e0f05ca8bb0240a0e4e4a6339d5776d0a82f24a35910dfbe3612e47a
- Size
  
  184KB
- MD5
  
  80e582a055375bf3d51ef514765b91c8
- SHA1
  
  5e154f02ba837221f79000bc232e405318eab091
- SHA256
  
  acdada24e0f05ca8bb0240a0e4e4a6339d5776d0a82f24a35910dfbe3612e47a
- SHA512
  
  a1d73dbfb7815b001c0d9c943e51e9db9a8b9aa51f7ac6faa0afa1f70b63dc9271782fc1f1313ca00c4325502cd921ae31baaf716cfd68355cd5bce5bf9b0c33
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3H:/7BSH8zUB+nGESaaRvoB7FJNndn6
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2