afe49cebba237353fbb54f0ff973030157eacc5b1091c1d8b64d9d3100a47616 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afe49cebba237353fbb54f0ff973030157eacc5b1091c1d8b64d9d3100a47616
Size

184KB
Sample

221204-g62sqshe3y
MD5

4b0e051a6e07e1c2d7ae26281c520658
SHA1

e18f68d9fdab5b1e150f0f4d8d52e450adad24b0
SHA256

afe49cebba237353fbb54f0ff973030157eacc5b1091c1d8b64d9d3100a47616
SHA512

aaed18a84495b05c29933893f4ce8bae2f7afdf40e006776eb81812caa75b11c88a1c47a08f372d2547d0c5196f129381624807745d62e7c9fc1667d90aa8d09
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3J:/7BSH8zUB+nGESaaRvoB7FJNndn4

Score

8^/10

Malware Config

Targets

- Target
  
  afe49cebba237353fbb54f0ff973030157eacc5b1091c1d8b64d9d3100a47616
- Size
  
  184KB
- MD5
  
  4b0e051a6e07e1c2d7ae26281c520658
- SHA1
  
  e18f68d9fdab5b1e150f0f4d8d52e450adad24b0
- SHA256
  
  afe49cebba237353fbb54f0ff973030157eacc5b1091c1d8b64d9d3100a47616
- SHA512
  
  aaed18a84495b05c29933893f4ce8bae2f7afdf40e006776eb81812caa75b11c88a1c47a08f372d2547d0c5196f129381624807745d62e7c9fc1667d90aa8d09
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3J:/7BSH8zUB+nGESaaRvoB7FJNndn4
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2