af17a3f60a367541fc59dcbbfe9cefe191e7884f28fa2c344307b1adb9834889 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af17a3f60a367541fc59dcbbfe9cefe191e7884f28fa2c344307b1adb9834889
Size

184KB
Sample

221204-qtc4aagg2t
MD5

650dc79196587f37b681835600b8816c
SHA1

0501cf4f95711e730d8a163d9ed206f4621425aa
SHA256

af17a3f60a367541fc59dcbbfe9cefe191e7884f28fa2c344307b1adb9834889
SHA512

2fe60db497e78fe7ee1a29a0dcb5b0fb338a60224e2499f4529a5befabaefcd3523dc909eb376751dad3e5ea7d15725bf0af0e41b2e366cecff90cb21b4725a8
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO38:/7BSH8zUB+nGESaaRvoB7FJNndnJ

Score

8^/10

Malware Config

Targets

- Target
  
  af17a3f60a367541fc59dcbbfe9cefe191e7884f28fa2c344307b1adb9834889
- Size
  
  184KB
- MD5
  
  650dc79196587f37b681835600b8816c
- SHA1
  
  0501cf4f95711e730d8a163d9ed206f4621425aa
- SHA256
  
  af17a3f60a367541fc59dcbbfe9cefe191e7884f28fa2c344307b1adb9834889
- SHA512
  
  2fe60db497e78fe7ee1a29a0dcb5b0fb338a60224e2499f4529a5befabaefcd3523dc909eb376751dad3e5ea7d15725bf0af0e41b2e366cecff90cb21b4725a8
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO38:/7BSH8zUB+nGESaaRvoB7FJNndnJ
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2