f31bdcd179f316b4d517e9394026a52c5736e6abd8ac94e862fd49f23f785b3b | Triage

Sharing

General

Target

f31bdcd179f316b4d517e9394026a52c5736e6abd8ac94e862fd49f23f785b3b
Size

180KB
Sample

221203-ca4j8sha2s
MD5

13da87e3d84c4f19d4e073eccf5e29f2
SHA1

fa3ea8a1095144192599f8be96a3f5cd03a0e334
SHA256

f31bdcd179f316b4d517e9394026a52c5736e6abd8ac94e862fd49f23f785b3b
SHA512

d5c9a09a41f9bd72ad01e1ad34b4d770eb5bda60fcc79c143818b106ec6921b9c99c6a46e9f726a81dd91a03fa7e59034a4395346a9de141b3f831d9efc19f25
SSDEEP

3072:OBAp5XhKpN4eOyVTGfhEClj8jTk+0hJiaqR//1Wcjej5EqhnBWz9T6M33rb2p:lbXE9OiTGfhEClq9mqR//1Wcjej5Eqh3

Score

8^/10

Malware Config

Targets

- Target
  
  f31bdcd179f316b4d517e9394026a52c5736e6abd8ac94e862fd49f23f785b3b
- Size
  
  180KB
- MD5
  
  13da87e3d84c4f19d4e073eccf5e29f2
- SHA1
  
  fa3ea8a1095144192599f8be96a3f5cd03a0e334
- SHA256
  
  f31bdcd179f316b4d517e9394026a52c5736e6abd8ac94e862fd49f23f785b3b
- SHA512
  
  d5c9a09a41f9bd72ad01e1ad34b4d770eb5bda60fcc79c143818b106ec6921b9c99c6a46e9f726a81dd91a03fa7e59034a4395346a9de141b3f831d9efc19f25
- SSDEEP
  
  3072:OBAp5XhKpN4eOyVTGfhEClj8jTk+0hJiaqR//1Wcjej5EqhnBWz9T6M33rb2p:lbXE9OiTGfhEClq9mqR//1Wcjej5Eqh3
Score

8^/10
- Blocklisted process makes network request
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2