b29b2bec69132400c308d2dc67cd059c741a3864ed17bf284e9b1c07a2eb48a0 | Triage

Sharing

General

Target

11750092712.zip
Size

77KB
Sample

230912-kaw46aeg85
MD5

01fa28ce596d2037369c38bb5784f69c
SHA1

6851abbd6fa4a0d8d5ee36cc5f19f64bfd97d70a
SHA256

b29b2bec69132400c308d2dc67cd059c741a3864ed17bf284e9b1c07a2eb48a0
SHA512

11e36a9c1602d818b96e8704714d1fa2d11b71a28cbe27a5891c070de6ef4e84dc862d71acaf51f9e9181bec1de0530799618e7b288074d59ce1185a88454d1d
SSDEEP

1536:uTpasSM9Fc03JszSe8cXvQch1Z2+JpD8IJvNURiIke/ta2zjMXufpJU:umM9FLJbcXv/Z2+JqIJvNURXk+tpzjM9

Score

8^/10

Malware Config

Targets

- Target
  
  067c95ad074afd8993281b02f74d0f257fb312943da0887355da652afb54c0ab
- Size
  
  107KB
- MD5
  
  c974ffe23d57ec909ef26b55f202047e
- SHA1
  
  ec6da5616d6b3b3269fababe104bfe04f2828717
- SHA256
  
  067c95ad074afd8993281b02f74d0f257fb312943da0887355da652afb54c0ab
- SHA512
  
  756977c99eb9a685201af8c27ce81e53e292af6c0d06726a86d7b67d4236e7057084b3545299d4cd4729c9d6c04fcb01c18868dff6d90273d029f8dcfea1899d
- SSDEEP
  
  1536:zEHDqvM3NJX3i/5CxGKoUA6oAm3gWl59xxYalgnjbYnbwjrsW+A0U0jRiD:qqvM3Xi/5CxGKFMT9xxojmsgdnjsD
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2