af4992f0f8662d0c1612f259eae2514ed8262c46bc2aecc1d0f6fb54be030a93 | Triage

Sharing

General

Target

af4992f0f8662d0c1612f259eae2514ed8262c46bc2aecc1d0f6fb54be030a93
Size

184KB
Sample

221204-n34w9abc6s
MD5

82aece4141bb6f809ae856cc1957a154
SHA1

a6c5a3c75286d2b90283350bf2a5d9adcaee083d
SHA256

af4992f0f8662d0c1612f259eae2514ed8262c46bc2aecc1d0f6fb54be030a93
SHA512

33fb7361898a78720098bdd609df88e8a7b11b14ea895c4734f039e7c83ee337b00663dbece851ed3323603737c9606afa0e3f4ae72778c69caa06a0a5c955d7
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO31:/7BSH8zUB+nGESaaRvoB7FJNndno

Score

8^/10

Malware Config

Targets

- Target
  
  af4992f0f8662d0c1612f259eae2514ed8262c46bc2aecc1d0f6fb54be030a93
- Size
  
  184KB
- MD5
  
  82aece4141bb6f809ae856cc1957a154
- SHA1
  
  a6c5a3c75286d2b90283350bf2a5d9adcaee083d
- SHA256
  
  af4992f0f8662d0c1612f259eae2514ed8262c46bc2aecc1d0f6fb54be030a93
- SHA512
  
  33fb7361898a78720098bdd609df88e8a7b11b14ea895c4734f039e7c83ee337b00663dbece851ed3323603737c9606afa0e3f4ae72778c69caa06a0a5c955d7
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO31:/7BSH8zUB+nGESaaRvoB7FJNndno
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2