af616be8c272354da73df4088f4c2aa692a29f23434f87e857def2415ba5755b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af616be8c272354da73df4088f4c2aa692a29f23434f87e857def2415ba5755b
Size

184KB
Sample

221204-m545csgc8t
MD5

18ae3ac2d9a943f66f1dd17e4b5629c2
SHA1

542b545a7b9dd6d18de028ee49ff1e3d3cfbcd9d
SHA256

af616be8c272354da73df4088f4c2aa692a29f23434f87e857def2415ba5755b
SHA512

2c493f3404b82ef6e6f94f841e2fd137b52fc023520ec1083377aef33c4f38614b10b955d9182b3bff08728885e708a6dbe266e5e04ac9f591eab7c6888f8457
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3t:/7BSH8zUB+nGESaaRvoB7FJNndnE

Score

8^/10

Malware Config

Targets

- Target
  
  af616be8c272354da73df4088f4c2aa692a29f23434f87e857def2415ba5755b
- Size
  
  184KB
- MD5
  
  18ae3ac2d9a943f66f1dd17e4b5629c2
- SHA1
  
  542b545a7b9dd6d18de028ee49ff1e3d3cfbcd9d
- SHA256
  
  af616be8c272354da73df4088f4c2aa692a29f23434f87e857def2415ba5755b
- SHA512
  
  2c493f3404b82ef6e6f94f841e2fd137b52fc023520ec1083377aef33c4f38614b10b955d9182b3bff08728885e708a6dbe266e5e04ac9f591eab7c6888f8457
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3t:/7BSH8zUB+nGESaaRvoB7FJNndnE
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2