5f14cc7f6d1f7bb086cc919162c12a68e6ad5fa0eff346b659d3ed6933e09184 | Triage

Sharing

General

Target

Doc_2832233887.335561.17564.cmd
Size

323B
Sample

230320-n6weaadd52
MD5

8610c13e7131e2104e5e9fe763dcb11f
SHA1

96d6beb6244a7f1581edc0929c543249fd622c86
SHA256

5f14cc7f6d1f7bb086cc919162c12a68e6ad5fa0eff346b659d3ed6933e09184
SHA512

13b8785b44b1d75ed4a41e57ecac7e1722879cf5fb089665b1d3e929bbe412c703c3529972bd7967a26ace1222faceaac25d7faa1481cba3870bfb2807235221

Score

8^/10

Malware Config

Targets

- Target
  
  Doc_2832233887.335561.17564.cmd
- Size
  
  323B
- MD5
  
  8610c13e7131e2104e5e9fe763dcb11f
- SHA1
  
  96d6beb6244a7f1581edc0929c543249fd622c86
- SHA256
  
  5f14cc7f6d1f7bb086cc919162c12a68e6ad5fa0eff346b659d3ed6933e09184
- SHA512
  
  13b8785b44b1d75ed4a41e57ecac7e1722879cf5fb089665b1d3e929bbe412c703c3529972bd7967a26ace1222faceaac25d7faa1481cba3870bfb2807235221
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2