9458091e755b58ab950df66f1cd96ec11731334a19ac43697fe7258554bc59cb | Triage

Sharing

General

Target

Gy.zip
Size

27KB
Sample

230504-ttqadsdf87
MD5

7acd362f944402abc4d4fa5aee43014f
SHA1

705345a59a6af865ef7610240f5e781155ff91bd
SHA256

9458091e755b58ab950df66f1cd96ec11731334a19ac43697fe7258554bc59cb
SHA512

a0994cdf3fd83154aaf466c96c5530124db8b7ab33a35da47ca0126815d2f551dbf3a4763e09fd50676cfc42d555a1eb938fd632543460817bd8e961728b351b
SSDEEP

768:4V8t94e2sO0sd1Rfj2vriKoj6L4YpTjcNIr/WGhf7b3nAuT0Z:oc94/sO5Rfj+VsQkyrVfXVW

Score

8^/10

Malware Config

Targets

- Target
  
  Gy.zip
- Size
  
  27KB
- MD5
  
  7acd362f944402abc4d4fa5aee43014f
- SHA1
  
  705345a59a6af865ef7610240f5e781155ff91bd
- SHA256
  
  9458091e755b58ab950df66f1cd96ec11731334a19ac43697fe7258554bc59cb
- SHA512
  
  a0994cdf3fd83154aaf466c96c5530124db8b7ab33a35da47ca0126815d2f551dbf3a4763e09fd50676cfc42d555a1eb938fd632543460817bd8e961728b351b
- SSDEEP
  
  768:4V8t94e2sO0sd1Rfj2vriKoj6L4YpTjcNIr/WGhf7b3nAuT0Z:oc94/sO5Rfj+VsQkyrVfXVW
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2