82074956aefce5b19a9560de665c89f7db883f01e0a27218dea13280a981fffc | Triage

Resubmissions

21/05/2023, 20:06

230521-yvqprscb72 7

21/05/2023, 20:03

230521-ys2z1sfa6z 7

Sharing

General

Target

79571f0ad832a31a1121f7c698496de7e4700271ccf0a7ed7fe817688528a953.zip
Size

1KB
Sample

230521-yvqprscb72
MD5

02d185e0e4b51339bcb8c30142e6de94
SHA1

8f33da50ab5895311343d379555ed69467be74e5
SHA256

82074956aefce5b19a9560de665c89f7db883f01e0a27218dea13280a981fffc
SHA512

04113fe3c819646a8c5d203484c2056126a783fb1c335f403faa7d45c886cb35c573b5332e09f5a23ad6cd314d9ce50e57b9b151d8922625c790cda498bbaf19

Score

7^/10

Malware Config

Targets

- Target
  
  Doc signed Subcontract Agreement/seedof.lnk
- Size
  
  3KB
- MD5
  
  efc382d915ab91f89946554f5e6cc42a
- SHA1
  
  8b49368462651afa265273151a1e7d4ea19e6347
- SHA256
  
  beec3ec08fba224c161464ebcc64727912c6678dd452596440809ce99c8390fd
- SHA512
  
  c717e25018645bb9f92c903178baf1401dcd20b12c6b5dcd724e4a9fab3b2ee59559f8392ad2c57196f50d294b4594fcb786d2aa6d8b51044d0419bc051dc3d6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2