fac5d98032b75f647d81a2e6ba452be1ffe03ea4293641db6d1bc68d7c23a3ad | Triage

Sharing

General

Target

SecuriteInfo.com.Variant.Marsilia.2083.9036.16697.exe
Size

5KB
Sample

221225-mkzddabd55
MD5

76a7ebc14b56ff57b127630fa4d10df4
SHA1

b8641767f98da027ded8472ee43a7fa01e4855fb
SHA256

fac5d98032b75f647d81a2e6ba452be1ffe03ea4293641db6d1bc68d7c23a3ad
SHA512

818750af409f30426c26b8e5c5e8ef25faa13486bad738619d85c72bf09c2e2943efde13764e0a28d8cab5dda0ed5cbad3afbe66d01bb7e58d3d23f455243aa7
SSDEEP

96:y879lZCFmOKd4Xthbvk+I0AY0sxvk+Iz8Bv8d3ojGrl:yK9loFZKdmfvkTYJvkZW8d7

Score

8^/10

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Variant.Marsilia.2083.9036.16697.exe
- Size
  
  5KB
- MD5
  
  76a7ebc14b56ff57b127630fa4d10df4
- SHA1
  
  b8641767f98da027ded8472ee43a7fa01e4855fb
- SHA256
  
  fac5d98032b75f647d81a2e6ba452be1ffe03ea4293641db6d1bc68d7c23a3ad
- SHA512
  
  818750af409f30426c26b8e5c5e8ef25faa13486bad738619d85c72bf09c2e2943efde13764e0a28d8cab5dda0ed5cbad3afbe66d01bb7e58d3d23f455243aa7
- SSDEEP
  
  96:y879lZCFmOKd4Xthbvk+I0AY0sxvk+Iz8Bv8d3ojGrl:yK9loFZKdmfvkTYJvkZW8d7
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2