b029ac8935aa4e101fb3a75af9c6ba773c3309ac93157cf8ef51caf674b2380e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b029ac8935aa4e101fb3a75af9c6ba773c3309ac93157cf8ef51caf674b2380e
Size

184KB
Sample

221204-ebfkxadd92
MD5

7991ad342843efb8e0a5254eea0e5b67
SHA1

7403884b2cee67c77fa55d928f2e5ee71df20241
SHA256

b029ac8935aa4e101fb3a75af9c6ba773c3309ac93157cf8ef51caf674b2380e
SHA512

ce4db5968bdfea13ba50e8355e235e25f8117a126ab30b28841ad39538e2ad84a0f4bef3c38136c93704995ea39b98e8ae0c8881c6cba947a1c5c78799ce4532
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3E:/7BSH8zUB+nGESaaRvoB7FJNndnN

Score

8^/10

Malware Config

Targets

- Target
  
  b029ac8935aa4e101fb3a75af9c6ba773c3309ac93157cf8ef51caf674b2380e
- Size
  
  184KB
- MD5
  
  7991ad342843efb8e0a5254eea0e5b67
- SHA1
  
  7403884b2cee67c77fa55d928f2e5ee71df20241
- SHA256
  
  b029ac8935aa4e101fb3a75af9c6ba773c3309ac93157cf8ef51caf674b2380e
- SHA512
  
  ce4db5968bdfea13ba50e8355e235e25f8117a126ab30b28841ad39538e2ad84a0f4bef3c38136c93704995ea39b98e8ae0c8881c6cba947a1c5c78799ce4532
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3E:/7BSH8zUB+nGESaaRvoB7FJNndnN
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2