6424b7f5bcf75dbdc4f036363cc54be98707a5dc17743a5034375d9001d1c2e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32b9ab638ae4cbb56acd11493c960a3d
Size

78KB
Sample

231225-wkdlcahbhl
MD5

32b9ab638ae4cbb56acd11493c960a3d
SHA1

03162a8af11632ba2fbfe90e4da3d432c263efb9
SHA256

6424b7f5bcf75dbdc4f036363cc54be98707a5dc17743a5034375d9001d1c2e6
SHA512

98d001ac00440634e9bcd4437888ef9db277197268bab9d1243f5959726f3bb3e06a94c47b17715b007156c332167b4cca4080098ad5b854c8cf3911a2fbcc7e
SSDEEP

1536:3a1ovwQleWu5YtoAmosnXddlDI+vlkKlLB/Jx8K1U3/ef:MQle9UoAmosntHvlkOLB/z8A8/ef

Score

8^/10

Malware Config

Targets

- Target
  
  32b9ab638ae4cbb56acd11493c960a3d
- Size
  
  78KB
- MD5
  
  32b9ab638ae4cbb56acd11493c960a3d
- SHA1
  
  03162a8af11632ba2fbfe90e4da3d432c263efb9
- SHA256
  
  6424b7f5bcf75dbdc4f036363cc54be98707a5dc17743a5034375d9001d1c2e6
- SHA512
  
  98d001ac00440634e9bcd4437888ef9db277197268bab9d1243f5959726f3bb3e06a94c47b17715b007156c332167b4cca4080098ad5b854c8cf3911a2fbcc7e
- SSDEEP
  
  1536:3a1ovwQleWu5YtoAmosnXddlDI+vlkKlLB/Jx8K1U3/ef:MQle9UoAmosntHvlkOLB/z8A8/ef
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2