f2b73688890f45535fdbe477741a08fac54c1e75888182c68088a27bec0cc6e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

643d2215dacb3.zip
Size

6KB
Sample

230419-x9rd6sda48
MD5

4ae2673dc982dc437ab6be09de61a9ee
SHA1

af3eb256d05267b5401b58e29b346632ac532bcc
SHA256

f2b73688890f45535fdbe477741a08fac54c1e75888182c68088a27bec0cc6e0
SHA512

346b67a281214b20c46e786c73c80277ba7d95023800545c9d946729939a9de063b2fcc341834203d28d767e6deb2de8759cf0b8c8ac6066bdd49bec379ce0a4
SSDEEP

192:y4GWkElrIwRW6HRfOG9l2cdsmnHsaYXV7HmGp9KB:tiEl06HRfOCl2QNnHqWB

Score

8^/10

Malware Config

Targets

- Target
  
  Complaint_Copy_839614.wsf
- Size
  
  16KB
- MD5
  
  135adafbad658e92e2c9223d8b62571f
- SHA1
  
  bc186ff0c53d4308524aef1d0cf8cc8cf3f0d506
- SHA256
  
  4c4ddaaa36e9b88a6ffc058fba0403c125d3efe8813c3e70debc2b772d04f9e5
- SHA512
  
  a749ff4a5c71562e85048796bd7056c8be1fbbf87623c982a85c3958784ac6b66c4704538a3c04987595dfc5157452e6649faeff7f72f54bb5271893a303f6be
- SSDEEP
  
  384:AZwOuqQwE5nyzMaDAc5FNdShkwVUGCTfZOnQeZ/d:ATumXDV5bdShHQfInT1
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2