1a222a64d34ccfb38f44dbac05b3bad49ba69011f7e1e11029b80856421aba7d | Triage

Resubmissions

11/10/2023, 08:35

231011-kg51msdf45 8

11/10/2023, 07:21

231011-h6qadahe5x 1

Sharing

Copy URL Twitter E-mail

General

Target

F2ct_MwoQl70l6hvDg4ej.zip
Size

150KB
Sample

231011-kg51msdf45
MD5

2205218136898ad513b82fdbea2ea935
SHA1

e65092c4886fce3bba1c5973693eca56880d05fe
SHA256

1a222a64d34ccfb38f44dbac05b3bad49ba69011f7e1e11029b80856421aba7d
SHA512

4fb58fd8e08825f4e036cfa49e9bb4fd684cba9625be60e75ec43a2a4ac027c3d25ba9484a95746b38a27cc3f78f6884fcc67fdbe73d9aed14c45b648ffc3114
SSDEEP

3072:2pROw69Goxr9+jKVpBCecDLm9Nf66A218+jpVd8yZW6FyFPFi9HQB:OB69B40JOmL6Vf8pVGbNi9wB

Score

8^/10

Malware Config

Targets

- Target
  
  F2ct_MwoQl70l6hvDg4ej.zip
- Size
  
  150KB
- MD5
  
  2205218136898ad513b82fdbea2ea935
- SHA1
  
  e65092c4886fce3bba1c5973693eca56880d05fe
- SHA256
  
  1a222a64d34ccfb38f44dbac05b3bad49ba69011f7e1e11029b80856421aba7d
- SHA512
  
  4fb58fd8e08825f4e036cfa49e9bb4fd684cba9625be60e75ec43a2a4ac027c3d25ba9484a95746b38a27cc3f78f6884fcc67fdbe73d9aed14c45b648ffc3114
- SSDEEP
  
  3072:2pROw69Goxr9+jKVpBCecDLm9Nf66A218+jpVd8yZW6FyFPFi9HQB:OB69B40JOmL6Vf8pVGbNi9wB
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1