5ba32928ab5660b4ef53179020dc7af86793aa0bbc0a825bbb43b8187eddeb51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ba32928ab5660b4ef53179020dc7af86793aa0bbc0a825bbb43b8187eddeb51
Size

128KB
Sample

221203-bzmgksgb7s
MD5

a53a8f1311fc463ec059843d59b2ac8a
SHA1

91246bf9d2d0fb35f933463dbeaf388708408cf3
SHA256

5ba32928ab5660b4ef53179020dc7af86793aa0bbc0a825bbb43b8187eddeb51
SHA512

29a0ee34c4edf6c84368d140286b6852118bfefe904f9551b212ef7dcfa26a2858b9e92c40fbcf8ebc43a6c18557de1b8dd9a3723b3ab132c139a5f8a2b08b29
SSDEEP

3072:YBAp5XhKpN4eOyVTGfhEClj8jTk+0hMKBz610hO:PbXE9OiTGfhEClq9FKx3g

Score

8^/10

Malware Config

Targets

- Target
  
  5ba32928ab5660b4ef53179020dc7af86793aa0bbc0a825bbb43b8187eddeb51
- Size
  
  128KB
- MD5
  
  a53a8f1311fc463ec059843d59b2ac8a
- SHA1
  
  91246bf9d2d0fb35f933463dbeaf388708408cf3
- SHA256
  
  5ba32928ab5660b4ef53179020dc7af86793aa0bbc0a825bbb43b8187eddeb51
- SHA512
  
  29a0ee34c4edf6c84368d140286b6852118bfefe904f9551b212ef7dcfa26a2858b9e92c40fbcf8ebc43a6c18557de1b8dd9a3723b3ab132c139a5f8a2b08b29
- SSDEEP
  
  3072:YBAp5XhKpN4eOyVTGfhEClj8jTk+0hMKBz610hO:PbXE9OiTGfhEClq9FKx3g
Score

8^/10
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2