b0216f0ab91c15688c7b800454c0489ee62e2619072b3dd3064d1c7704e7b1f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0216f0ab91c15688c7b800454c0489ee62e2619072b3dd3064d1c7704e7b1f7
Size

184KB
Sample

221204-el1zlaab8w
MD5

4e9bf2de590232d2534efa715081f871
SHA1

779978de3fb167b236f5d9c00cc3c0beec398f5b
SHA256

b0216f0ab91c15688c7b800454c0489ee62e2619072b3dd3064d1c7704e7b1f7
SHA512

018569e670975896c2caf8b2155cc6d5f85e5fd24c003d3352913a68c320efc9c4e4d8c5d6daee933be28b2bc5c7973343844d87800f58ced6fb2d067ffc903f
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnN

Score

8^/10

Malware Config

Targets

- Target
  
  b0216f0ab91c15688c7b800454c0489ee62e2619072b3dd3064d1c7704e7b1f7
- Size
  
  184KB
- MD5
  
  4e9bf2de590232d2534efa715081f871
- SHA1
  
  779978de3fb167b236f5d9c00cc3c0beec398f5b
- SHA256
  
  b0216f0ab91c15688c7b800454c0489ee62e2619072b3dd3064d1c7704e7b1f7
- SHA512
  
  018569e670975896c2caf8b2155cc6d5f85e5fd24c003d3352913a68c320efc9c4e4d8c5d6daee933be28b2bc5c7973343844d87800f58ced6fb2d067ffc903f
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO34:/7BSH8zUB+nGESaaRvoB7FJNndnN
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2