e0edac790fe7ebdc629d3bd6e55fabc989ad9ac45285fd9f9574d21a23a397a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29_FLUXO_PROJETADO460.413158.79947.lNk.lnk
Size

489B
Sample

230330-rsfnfsee2v
MD5

cfe202b44911fa31c8e4cd5d87a3034c
SHA1

14e487c77f5d82aba296f709dae10a7504492b2b
SHA256

e0edac790fe7ebdc629d3bd6e55fabc989ad9ac45285fd9f9574d21a23a397a8
SHA512

c83953276a9000777867bb3237980f090824f25fb5c37c1c29441dc70ae4a9ac4c7e92f72e1f211d630fec73b3c4fc63ad2502ef8a91f3d77ccee2300314ded4

Score

8^/10

Malware Config

Targets

- Target
  
  29_FLUXO_PROJETADO460.413158.79947.lNk.lnk
- Size
  
  489B
- MD5
  
  cfe202b44911fa31c8e4cd5d87a3034c
- SHA1
  
  14e487c77f5d82aba296f709dae10a7504492b2b
- SHA256
  
  e0edac790fe7ebdc629d3bd6e55fabc989ad9ac45285fd9f9574d21a23a397a8
- SHA512
  
  c83953276a9000777867bb3237980f090824f25fb5c37c1c29441dc70ae4a9ac4c7e92f72e1f211d630fec73b3c4fc63ad2502ef8a91f3d77ccee2300314ded4
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2