af7af97cd525dae5a29ced15d2500030aac1d0a19a3ad321980dc580520f4f74 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af7af97cd525dae5a29ced15d2500030aac1d0a19a3ad321980dc580520f4f74
Size

184KB
Sample

221204-l7zrzshg39
MD5

2d12010eb0d98c904079202d2786ffa7
SHA1

ec0eddad52314c47f88adab43ed8def70a8d17b7
SHA256

af7af97cd525dae5a29ced15d2500030aac1d0a19a3ad321980dc580520f4f74
SHA512

634d3f17ce71c5342ce327bb08f55f452cfb7de96b173e20b133133e18711f96b75dbc634569d4790b6d4358e20f7994dd2f0f505f409e7e305c5192aa4ab3fa
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3/:/7BSH8zUB+nGESaaRvoB7FJNndne

Score

8^/10

Malware Config

Targets

- Target
  
  af7af97cd525dae5a29ced15d2500030aac1d0a19a3ad321980dc580520f4f74
- Size
  
  184KB
- MD5
  
  2d12010eb0d98c904079202d2786ffa7
- SHA1
  
  ec0eddad52314c47f88adab43ed8def70a8d17b7
- SHA256
  
  af7af97cd525dae5a29ced15d2500030aac1d0a19a3ad321980dc580520f4f74
- SHA512
  
  634d3f17ce71c5342ce327bb08f55f452cfb7de96b173e20b133133e18711f96b75dbc634569d4790b6d4358e20f7994dd2f0f505f409e7e305c5192aa4ab3fa
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3/:/7BSH8zUB+nGESaaRvoB7FJNndne
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2