af08cd44cb18bbc961705c1603d63582a4ff5895e8a5a05d0e31dfdb860734db | Triage

Sharing

General

Target

af08cd44cb18bbc961705c1603d63582a4ff5895e8a5a05d0e31dfdb860734db
Size

184KB
Sample

221204-rd357seh76
MD5

7a3ae85b5bc076b4c484e5223cdb43b7
SHA1

239fd8f151dde893baa1597a8b1394af2998abb0
SHA256

af08cd44cb18bbc961705c1603d63582a4ff5895e8a5a05d0e31dfdb860734db
SHA512

5ec702074c30e8220b14c14e13f10678e63e91b8532c177b5ea1fe75e7de08ae7bdd61a284d7d287180a95724c99d313fde07502dc08226291b83d01d3b17894
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3R:/7BSH8zUB+nGESaaRvoB7FJNndnI

Score

8^/10

Malware Config

Targets

- Target
  
  af08cd44cb18bbc961705c1603d63582a4ff5895e8a5a05d0e31dfdb860734db
- Size
  
  184KB
- MD5
  
  7a3ae85b5bc076b4c484e5223cdb43b7
- SHA1
  
  239fd8f151dde893baa1597a8b1394af2998abb0
- SHA256
  
  af08cd44cb18bbc961705c1603d63582a4ff5895e8a5a05d0e31dfdb860734db
- SHA512
  
  5ec702074c30e8220b14c14e13f10678e63e91b8532c177b5ea1fe75e7de08ae7bdd61a284d7d287180a95724c99d313fde07502dc08226291b83d01d3b17894
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3R:/7BSH8zUB+nGESaaRvoB7FJNndnI
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2