dd2b6f5f2a878ee38b816551b6ab964b7e2624325d1b942eee26b953b58351d2 | Triage

Sharing

General

Target

1f5ddc00ded03b107ed1306f49592188.bin
Size

1KB
Sample

231012-aasfvsef93
MD5

dfcac54047febbaa10461cc0c7a488d5
SHA1

8ad95bb40bf5e7ad99dc2e5d04de0d06078f949a
SHA256

dd2b6f5f2a878ee38b816551b6ab964b7e2624325d1b942eee26b953b58351d2
SHA512

36a6e954d0a60d231a3c1f233e7b3e972dca2227f5b7334b0965d72610f00cce76c9d1f6b1db0aacc8344ea6c7f703f6751c6b998593ae177708e5568a5031d1

Score

8^/10

Malware Config

Targets

- Target
  
  2b31d24b4040c4e57b0763eb38c387f3d98411780e9e3580a6f1933e1bcfa2df.lnk
- Size
  
  2KB
- MD5
  
  1f5ddc00ded03b107ed1306f49592188
- SHA1
  
  a44896e8ad949c6c83f3d8cb1caccf6056e8ed22
- SHA256
  
  2b31d24b4040c4e57b0763eb38c387f3d98411780e9e3580a6f1933e1bcfa2df
- SHA512
  
  85131d8da35735a31b0cb0570e89bb18cefee09a237bb8c6a9f860b5bc19c2a73146f98c9603f28950f3d32b7dfb1ed8b67c7196dbc6de4f119c56ee5bf53668
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2