b6024ad4d9a671ea665f26832d07c38afd8efe28d03cb968fb07cd9644805da7 | Triage

Sharing

General

Target

b6024ad4d9a671ea665f26832d07c38afd8efe28d03cb968fb07cd9644805da7
Size

223KB
Sample

221205-pp6z5aac88
MD5

e94463b15bebb3de8fc4fa9760898c8e
SHA1

6589dc315d4b268a83a1d2ef80e8d3f6829867f3
SHA256

b6024ad4d9a671ea665f26832d07c38afd8efe28d03cb968fb07cd9644805da7
SHA512

c874a9dcf7fc9164c83ab43fd29eb547a7fe10f2f51cd79cfd2a233a1f6ac688b3cf70293be50ea4408c331d14d48508ee17e063d478af628adde44a0194180e
SSDEEP

3072:JxVohYkQr0jeLwJr95rJolNAzyP+msVK0ZiIYPCykptZjPkjPjPjPjPjPjcFP8rB:eYQqLwhHrWsOP+5VT7aCXa77777TR

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  b6024ad4d9a671ea665f26832d07c38afd8efe28d03cb968fb07cd9644805da7
- Size
  
  223KB
- MD5
  
  e94463b15bebb3de8fc4fa9760898c8e
- SHA1
  
  6589dc315d4b268a83a1d2ef80e8d3f6829867f3
- SHA256
  
  b6024ad4d9a671ea665f26832d07c38afd8efe28d03cb968fb07cd9644805da7
- SHA512
  
  c874a9dcf7fc9164c83ab43fd29eb547a7fe10f2f51cd79cfd2a233a1f6ac688b3cf70293be50ea4408c331d14d48508ee17e063d478af628adde44a0194180e
- SSDEEP
  
  3072:JxVohYkQr0jeLwJr95rJolNAzyP+msVK0ZiIYPCykptZjPkjPjPjPjPjPjcFP8rB:eYQqLwhHrWsOP+5VT7aCXa77777TR
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2