af6ed954d30310f41e0b3aab892bcfdc4c97b17d21005796af64c568d00e0200 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af6ed954d30310f41e0b3aab892bcfdc4c97b17d21005796af64c568d00e0200
Size

184KB
Sample

221204-mmv4qsef5t
MD5

64ec9c558d6d94509035cc932cb59576
SHA1

29d2102fe616be027b20fae047277e8c0d4cd56b
SHA256

af6ed954d30310f41e0b3aab892bcfdc4c97b17d21005796af64c568d00e0200
SHA512

95cc8822e342b61a8d3f6e54084cef1168d4e9f98d6541d0079d17bc7002460b41f81895fe85ef76d5860a7730599df8da31e9a9089fd61108fe5c2177560b72
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3x:/7BSH8zUB+nGESaaRvoB7FJNndn8

Score

8^/10

Malware Config

Targets

- Target
  
  af6ed954d30310f41e0b3aab892bcfdc4c97b17d21005796af64c568d00e0200
- Size
  
  184KB
- MD5
  
  64ec9c558d6d94509035cc932cb59576
- SHA1
  
  29d2102fe616be027b20fae047277e8c0d4cd56b
- SHA256
  
  af6ed954d30310f41e0b3aab892bcfdc4c97b17d21005796af64c568d00e0200
- SHA512
  
  95cc8822e342b61a8d3f6e54084cef1168d4e9f98d6541d0079d17bc7002460b41f81895fe85ef76d5860a7730599df8da31e9a9089fd61108fe5c2177560b72
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3x:/7BSH8zUB+nGESaaRvoB7FJNndn8
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2