443f05d26f6c05ad62a45b0fc5fe620e006702cff3b28606fcfc08fffd762a40 | Triage

Sharing

General

Target

password.txt.lnk
Size

2KB
Sample

231004-xkskyaeb8z
MD5

606e4190bb7ccc8cd7a07abd0ea80508
SHA1

e4ea5d93133016d0e8b454e3449b1f89c6a377eb
SHA256

443f05d26f6c05ad62a45b0fc5fe620e006702cff3b28606fcfc08fffd762a40
SHA512

a9102e9bc1cf6155f59969eb85de86b24d37024e3bdfb9490c7689f28ee387cfc5199cc5eac81f167e7348523166f5ff7a3d9cb72cf83639ec9c3f156140f535

Score

8^/10

Malware Config

Targets

- Target
  
  password.txt.lnk
- Size
  
  2KB
- MD5
  
  606e4190bb7ccc8cd7a07abd0ea80508
- SHA1
  
  e4ea5d93133016d0e8b454e3449b1f89c6a377eb
- SHA256
  
  443f05d26f6c05ad62a45b0fc5fe620e006702cff3b28606fcfc08fffd762a40
- SHA512
  
  a9102e9bc1cf6155f59969eb85de86b24d37024e3bdfb9490c7689f28ee387cfc5199cc5eac81f167e7348523166f5ff7a3d9cb72cf83639ec9c3f156140f535
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2