66fce0858a04c838f27ca2f39aedd6a82992ead1fe6d1cb65713daad8293ac47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

F02963133.311031.71683..zip
Size

1KB
Sample

230515-qv8lksea4z
MD5

79e5f456138fbcb2d6494673ee922155
SHA1

c61759f8fe939404e093b90fc56d55d1406ecfc2
SHA256

66fce0858a04c838f27ca2f39aedd6a82992ead1fe6d1cb65713daad8293ac47
SHA512

091242f8f584a0271c93c6b6cebe5593f410f64582ad4661d941369e35911cfb534f4e2106ae95889c7517895ec159450cfedc297d39b74dbf140b367b712cc7

Score

8^/10

Malware Config

Targets

- Target
  
  F02963133.311031.71683.cmd
- Size
  
  805B
- MD5
  
  4febd2921bda836bb5a43767837f108c
- SHA1
  
  55ecbf1abbf2a0b6a58df339646dad90269a7a59
- SHA256
  
  f8939862dc78adce55c0ab495ebc05aa7a0628edddbf59f60d4fdc5fb4ee8b68
- SHA512
  
  d3746a69b0bf0fc3833f9ab0e57ee19aaa7a988fe5c4c166640e0544233513b49508031e52976eaaf442b678ffc88e4cd03bb755a536992e658d5bea50a42515
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  F02963133.311031.71683.lNk
- Size
  
  1023B
- MD5
  
  7d0736d13c2030c2b0fd0402f5bf5f2f
- SHA1
  
  dec9891b7e0fbfafa064e9ba0136654b00ca453d
- SHA256
  
  fb3cae26fcce3d41937858a20adf31643fafad66b4b6803a1457db0dde146f64
- SHA512
  
  05b331086ad4d116d05cc922cbc8a3b7545771794b8f32e2dac3fb691303f3fbc45b83ab51022823ad9870c4d6a486db4060cf4b2bad01729d0889637c12382d
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4