9e6489cea58fbdbeba82e70184181efb4aaa8783678ad153a2ea2c23e79050ff | Triage

Sharing

General

Target

cons.exe
Size

48KB
Sample

231101-qqt8dsag54
MD5

7e698529fca2a876ef681d0e237d4f86
SHA1

e1a4fc515f2a923bb018dce36ade53046d9dd139
SHA256

9e6489cea58fbdbeba82e70184181efb4aaa8783678ad153a2ea2c23e79050ff
SHA512

9492705d6c02e5e6bf6a8224faab75677842f5754e95f8ca1c2d7a842c91cc1cf4c95313aa04a73a2b37e51b25f5a8a5c029ccab330e7c6f9abfb7ec381b588c
SSDEEP

384:/6wxx4IppEdYSOIBvfNyNEcN31hCqvUh6HSKHruhMCKzO3:9piRN4F1lU0lHSkq3

Score

8^/10

Malware Config

Targets

- Target
  
  cons.exe
- Size
  
  48KB
- MD5
  
  7e698529fca2a876ef681d0e237d4f86
- SHA1
  
  e1a4fc515f2a923bb018dce36ade53046d9dd139
- SHA256
  
  9e6489cea58fbdbeba82e70184181efb4aaa8783678ad153a2ea2c23e79050ff
- SHA512
  
  9492705d6c02e5e6bf6a8224faab75677842f5754e95f8ca1c2d7a842c91cc1cf4c95313aa04a73a2b37e51b25f5a8a5c029ccab330e7c6f9abfb7ec381b588c
- SSDEEP
  
  384:/6wxx4IppEdYSOIBvfNyNEcN31hCqvUh6HSKHruhMCKzO3:9piRN4F1lU0lHSkq3
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2