8ceb6b0f210d97f13bfde97d4f2a6f60fdf26b76ddfb6113f32d0eb50761ba53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ceb6b0f210d97f13bfde97d4f2a6f60fdf26b76ddfb6113f32d0eb50761ba53
Size

116KB
Sample

221207-c5tcragf85
MD5

a9bf6fadfb6557cbc6654dfc5e43fabd
SHA1

046b29c55e05cd45f314218c1b8309e69c7239ba
SHA256

8ceb6b0f210d97f13bfde97d4f2a6f60fdf26b76ddfb6113f32d0eb50761ba53
SHA512

001f6359d916e0616b1b98d4e0ec37a9aa41a58b4d58b24318e80a9f57f5b89b7f58d5f0b41df7328545f007bf437765bdedda24b18498de78c807d767cbb587
SSDEEP

3072:tAxHwOb3hD3ZH4/9daEYP2GgmPPevtzB/oRxrx:tAxLl3ZH4/9QEg1PeFyJ

Score

7^/10

Malware Config

Targets

- Target
  
  8ceb6b0f210d97f13bfde97d4f2a6f60fdf26b76ddfb6113f32d0eb50761ba53
- Size
  
  116KB
- MD5
  
  a9bf6fadfb6557cbc6654dfc5e43fabd
- SHA1
  
  046b29c55e05cd45f314218c1b8309e69c7239ba
- SHA256
  
  8ceb6b0f210d97f13bfde97d4f2a6f60fdf26b76ddfb6113f32d0eb50761ba53
- SHA512
  
  001f6359d916e0616b1b98d4e0ec37a9aa41a58b4d58b24318e80a9f57f5b89b7f58d5f0b41df7328545f007bf437765bdedda24b18498de78c807d767cbb587
- SSDEEP
  
  3072:tAxHwOb3hD3ZH4/9daEYP2GgmPPevtzB/oRxrx:tAxLl3ZH4/9QEg1PeFyJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2