103d4b2be6c41f858cc52802535ea78502f5fab702704fc39e67a2c7d1c565ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CBM_Vistoria82783048885553654586815.699179.38512.lNk.lnk
Size

1KB
Sample

230530-gkqtcafh31
MD5

b7403fafb97aa69f0a86293526092727
SHA1

4b3c92feebd81f1ad2020347ad8c02875a381e25
SHA256

103d4b2be6c41f858cc52802535ea78502f5fab702704fc39e67a2c7d1c565ee
SHA512

855d69184902233344de40d9c9115bb9598a7ce6986878f24a25bb59d364354611a78282480b0cc2e4748b2a77e48d153a39247fd49d6e0e17b93b4edab092fe

Score

8^/10

Malware Config

Targets

- Target
  
  CBM_Vistoria82783048885553654586815.699179.38512.lNk.lnk
- Size
  
  1KB
- MD5
  
  b7403fafb97aa69f0a86293526092727
- SHA1
  
  4b3c92feebd81f1ad2020347ad8c02875a381e25
- SHA256
  
  103d4b2be6c41f858cc52802535ea78502f5fab702704fc39e67a2c7d1c565ee
- SHA512
  
  855d69184902233344de40d9c9115bb9598a7ce6986878f24a25bb59d364354611a78282480b0cc2e4748b2a77e48d153a39247fd49d6e0e17b93b4edab092fe
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2