a5f71a0f0673b86c36bee75aeba8bc790c7a1b922ebb2e45c90736e9a7051306 | Triage

Resubmissions

19/11/2023, 06:05

231119-gs97ysha44 7

19/11/2023, 05:39

231119-gcjp3ahh2w 7

Sharing

Copy URL Twitter E-mail

General

Target

Avenge.ac.client.bad
Size

9.8MB
Sample

231119-gs97ysha44
MD5

b814b02b559364976d2087c4b42dec3d
SHA1

f9bf8e6b10c21b11bfc1688e17f93f5ed22ab4da
SHA256

a5f71a0f0673b86c36bee75aeba8bc790c7a1b922ebb2e45c90736e9a7051306
SHA512

e760dc68a01a364b9da7c0a0504736de7b47cf0057fe8c7700601d575ca5100f137c376910310520a078bd7369f50cb8e3d2d487e47664d6f880127dbce5f7e1
SSDEEP

196608:Pox/SmDbV7FPFZjNOS+meyze4sw/aEDS/yTrEcr0yJhmaW0Ivo/kRSu4oGtYg+c:PoxhDJ7xLNOS9ey3nD6mr0UhFWXo/Mmv

Score

7^/10

Malware Config

Targets

- Target
  
  Avenge.ac.client.bad
- Size
  
  9.8MB
- MD5
  
  b814b02b559364976d2087c4b42dec3d
- SHA1
  
  f9bf8e6b10c21b11bfc1688e17f93f5ed22ab4da
- SHA256
  
  a5f71a0f0673b86c36bee75aeba8bc790c7a1b922ebb2e45c90736e9a7051306
- SHA512
  
  e760dc68a01a364b9da7c0a0504736de7b47cf0057fe8c7700601d575ca5100f137c376910310520a078bd7369f50cb8e3d2d487e47664d6f880127dbce5f7e1
- SSDEEP
  
  196608:Pox/SmDbV7FPFZjNOS+meyze4sw/aEDS/yTrEcr0yJhmaW0Ivo/kRSu4oGtYg+c:PoxhDJ7xLNOS9ey3nD6mr0UhFWXo/Mmv
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2