e0bca885d43ecab85d4ea2a87799e139dfdeccef87fb698a9288ab58f41ad4b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac30912298480d45bf0f9e1c035e96da5c56cda83c13d501510cf812d0e8d113
Size

79KB
Sample

230614-k5yw8sfe6v
MD5

f181009234187c5eb98d231fccc8cd2e
SHA1

99d20646d0e0eff3fe52ca9f411caf287819215c
SHA256

e0bca885d43ecab85d4ea2a87799e139dfdeccef87fb698a9288ab58f41ad4b2
SHA512

e435ec00e00c172ef049673d6bd82afef34169dc1b8774e1e0a8fed0b3fb1ac824af56a90e9d818be9f25263e0c9446f33f7cffa078322705d06488f1e5746f7
SSDEEP

1536:ABkEevlvo/waQ6JMeruJmoK0c1msvpb7i7B7tGvG/sGUsywItmMZbn:AK5vIbQMhd0rMbu7B7tGvG/sFEMBn

Score

8^/10

Malware Config

Targets

- Target
  
  ac30912298480d45bf0f9e1c035e96da5c56cda83c13d501510cf812d0e8d113
- Size
  
  313KB
- MD5
  
  5d0d7b09abf7b81ce91cb7bac5eddc03
- SHA1
  
  6adae30d75c2d4784a0c0913d31461dc378041a0
- SHA256
  
  ac30912298480d45bf0f9e1c035e96da5c56cda83c13d501510cf812d0e8d113
- SHA512
  
  e366d4b0f2b732dd8a9457dcc2f5b3bd13692ab98c3fd35a3f47bd5a9725ae42d3682c2726ca6b2ba4b3b9cce50948907b21a513df510f2cc00789bf7c644951
- SSDEEP
  
  6144:bSfr0dh2tgcH6YTkM0cNRcpZwg/EBQ+8N/ygD1pRbcSb6h77hS:bSfrSh2tgcH6YTkMXRcpZwg/QQ+I/ygn
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2