a7773028de935f6c3060398256f1990d75ba519509e403c160af0c4079b6d4b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AssinaturaAutentique27718.69724.zip
Size

1KB
Sample

230424-v9en9sfb9w
MD5

c63437ed191b820a4ed80e389dc8c78a
SHA1

2cd2af4946521b608fce6d0c45beca45326d2ab9
SHA256

a7773028de935f6c3060398256f1990d75ba519509e403c160af0c4079b6d4b1
SHA512

f47d4aa58cf3d8c95db952e0c7ec99e1fd77171beb601e19e55e35e02dd9e073f7a9ea91a8a60f1640ed60e600eab6fd6762499c49e8e72d9f77712f1ab39357

Score

8^/10

Malware Config

Targets

- Target
  
  AssinaturaAutentique089.998686.95887.cmd
- Size
  
  835B
- MD5
  
  7e73323d8389accd3a107c75cc2ab959
- SHA1
  
  9561365e1e2d7f6e3ecc838b3bacc2b5f1aa1da8
- SHA256
  
  7af4b5096515aa03b9aed7972229f143b67c73f5654bdf82fdd91be90b638f6e
- SHA512
  
  0750f973200c505706119234c676a96877c055cc3d90e432a56be6abc39dba10c36543a406cd9d364b3f3eebdba3395a312e9d1f80b538f581a1a6f9b7f9977c
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  AssinaturaAutentique089.998686.95887.lNk
- Size
  
  1KB
- MD5
  
  16127392c9cb8ba98eb6abadf7b6a41b
- SHA1
  
  3c87a93a8b806dde5282cbb7519023f92392622a
- SHA256
  
  bf814a5671618d2febd67f1ad0be53f18b02fc05e15c77ff840dc6d1398d8d39
- SHA512
  
  f29a117f959b570e2dff95922fe931ae946f63fea9275e6afc71882ce474a1267d901cfa6947ca0f93092a2445dfb0850a76ea0f9733c7b9e42aa51eb1ec68b1
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4