af0d360b0fc259ec9cac70126ead5b82fd43731deb67d13c0f3df0f52a3f98a2 | Triage

Sharing

General

Target

af0d360b0fc259ec9cac70126ead5b82fd43731deb67d13c0f3df0f52a3f98a2
Size

184KB
Sample

221204-q8pevsaa21
MD5

15036d06dd5d6e4514c9c04b9430539f
SHA1

99790d740a8b8648ca7ac312855693709f2293e8
SHA256

af0d360b0fc259ec9cac70126ead5b82fd43731deb67d13c0f3df0f52a3f98a2
SHA512

ca3c3b2171d5bcf4a4a3cb92f0aa1f338e4da6d03602b1c2c5db2bb8c8a1acf5d6349bf2cf72e312c40d9325661fc2e33fd2b25577d41ffc470824a5c40212ec
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3sJ:/7BSH8zUB+nGESaaRvoB7FJNndnp

Score

8^/10

Malware Config

Targets

- Target
  
  af0d360b0fc259ec9cac70126ead5b82fd43731deb67d13c0f3df0f52a3f98a2
- Size
  
  184KB
- MD5
  
  15036d06dd5d6e4514c9c04b9430539f
- SHA1
  
  99790d740a8b8648ca7ac312855693709f2293e8
- SHA256
  
  af0d360b0fc259ec9cac70126ead5b82fd43731deb67d13c0f3df0f52a3f98a2
- SHA512
  
  ca3c3b2171d5bcf4a4a3cb92f0aa1f338e4da6d03602b1c2c5db2bb8c8a1acf5d6349bf2cf72e312c40d9325661fc2e33fd2b25577d41ffc470824a5c40212ec
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3sJ:/7BSH8zUB+nGESaaRvoB7FJNndnp
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2