bd27d084382fb4577b2751a18a7c133debe9070e0cfbb8bec9ce94342f801520 | Triage

Sharing

General

Target

3a648727ed2e488aaa9acc81400de1e3.lnk
Size

485B
Sample

230216-q5tkeahg82
MD5

3a648727ed2e488aaa9acc81400de1e3
SHA1

a94fb4394ff6d7f086e29b431d29d8bd44060509
SHA256

bd27d084382fb4577b2751a18a7c133debe9070e0cfbb8bec9ce94342f801520
SHA512

4c99757ba90fd98e368f9d297f3417a42b42e6b132b080d1e37059e517f7a943cf5d0d2730279b6ef19e57f4079549623dd28faeee235cd07d874f7dd628bba0

Score

8^/10

Malware Config

Targets

- Target
  
  3a648727ed2e488aaa9acc81400de1e3.lnk
- Size
  
  485B
- MD5
  
  3a648727ed2e488aaa9acc81400de1e3
- SHA1
  
  a94fb4394ff6d7f086e29b431d29d8bd44060509
- SHA256
  
  bd27d084382fb4577b2751a18a7c133debe9070e0cfbb8bec9ce94342f801520
- SHA512
  
  4c99757ba90fd98e368f9d297f3417a42b42e6b132b080d1e37059e517f7a943cf5d0d2730279b6ef19e57f4079549623dd28faeee235cd07d874f7dd628bba0
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2