af082c7daced6b11c17d0fbb360bc05d0e96f5cc385d75813bb1ef8c9ca215f1 | Triage

Sharing

General

Target

af082c7daced6b11c17d0fbb360bc05d0e96f5cc385d75813bb1ef8c9ca215f1
Size

184KB
Sample

221204-repzzaae9y
MD5

83dc905cc166a8dd7f69d70a83538e50
SHA1

12931ded40b5cf6a7a5afcf037f9f4f47483eba4
SHA256

af082c7daced6b11c17d0fbb360bc05d0e96f5cc385d75813bb1ef8c9ca215f1
SHA512

5c8612988d4a1338e4970ffc1fe0694a0840ab763146f8c04204cb20d0947ad94f80ae35cf084978c561dc82d3cc43dbf4c221fa34162ee999d1e3b303d4b70f
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndnM

Score

8^/10

Malware Config

Targets

- Target
  
  af082c7daced6b11c17d0fbb360bc05d0e96f5cc385d75813bb1ef8c9ca215f1
- Size
  
  184KB
- MD5
  
  83dc905cc166a8dd7f69d70a83538e50
- SHA1
  
  12931ded40b5cf6a7a5afcf037f9f4f47483eba4
- SHA256
  
  af082c7daced6b11c17d0fbb360bc05d0e96f5cc385d75813bb1ef8c9ca215f1
- SHA512
  
  5c8612988d4a1338e4970ffc1fe0694a0840ab763146f8c04204cb20d0947ad94f80ae35cf084978c561dc82d3cc43dbf4c221fa34162ee999d1e3b303d4b70f
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3N:/7BSH8zUB+nGESaaRvoB7FJNndnM
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2