c7abadaa4f3e9cb734fe374459a1931d54ef5a5b111a8418fb1d5a4cf66121ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

notaNpadua3015548.042790.62825.lNk.lnk
Size

505B
Sample

230322-p6cgvaag6x
MD5

14ae337cac88ef7daa8da4465ea5378c
SHA1

6cc43ae0b0cf92c935924509c53f3a4c29b7ec4d
SHA256

c7abadaa4f3e9cb734fe374459a1931d54ef5a5b111a8418fb1d5a4cf66121ae
SHA512

1af8d432ba5da34474619ccdbf1fa99606f00578f8f5c97282685cd2808718f21c5c0ace1341a6193699207a312dfafab6819306d42704f2d88dd1ad8df8342b

Score

8^/10

Malware Config

Targets

- Target
  
  notaNpadua3015548.042790.62825.lNk.lnk
- Size
  
  505B
- MD5
  
  14ae337cac88ef7daa8da4465ea5378c
- SHA1
  
  6cc43ae0b0cf92c935924509c53f3a4c29b7ec4d
- SHA256
  
  c7abadaa4f3e9cb734fe374459a1931d54ef5a5b111a8418fb1d5a4cf66121ae
- SHA512
  
  1af8d432ba5da34474619ccdbf1fa99606f00578f8f5c97282685cd2808718f21c5c0ace1341a6193699207a312dfafab6819306d42704f2d88dd1ad8df8342b
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2