af000244053caa1581210637533d3f26ed44d343178c76cf236770f53cfa2c8f | Triage

Sharing

General

Target

af000244053caa1581210637533d3f26ed44d343178c76cf236770f53cfa2c8f
Size

184KB
Sample

221204-rrdsgabf4z
MD5

471908317294c8f960f070e48a1b1a2c
SHA1

4f3be0eaaa33518c2c8d5657611a246a64e19fd4
SHA256

af000244053caa1581210637533d3f26ed44d343178c76cf236770f53cfa2c8f
SHA512

be942e61d008945e68450028e21d54623f908f8d0174f5e38a800a7308e6d415aa776f0915fad8c8c55fb82ddfe1e2835c3297ed04066455d56c01b817faddb6
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO35:/7BSH8zUB+nGESaaRvoB7FJNndnM

Score

8^/10

Malware Config

Targets

- Target
  
  af000244053caa1581210637533d3f26ed44d343178c76cf236770f53cfa2c8f
- Size
  
  184KB
- MD5
  
  471908317294c8f960f070e48a1b1a2c
- SHA1
  
  4f3be0eaaa33518c2c8d5657611a246a64e19fd4
- SHA256
  
  af000244053caa1581210637533d3f26ed44d343178c76cf236770f53cfa2c8f
- SHA512
  
  be942e61d008945e68450028e21d54623f908f8d0174f5e38a800a7308e6d415aa776f0915fad8c8c55fb82ddfe1e2835c3297ed04066455d56c01b817faddb6
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO35:/7BSH8zUB+nGESaaRvoB7FJNndnM
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2