a4fcf33920d72da4ddab4987526feb5e9671935e2265ced20d4ac795c2c8a2cb | Triage

Sharing

General

Target

python-mysqldb-2.4.tar.gz
Size

130KB
Sample

231229-n4a1kadeck
MD5

935d7aa15b51e425233a8026a161d7ac
SHA1

3c78274c799d5e9bf2cc19ccf61cd6cc784a2b70
SHA256

a4fcf33920d72da4ddab4987526feb5e9671935e2265ced20d4ac795c2c8a2cb
SHA512

b067d886bec866cefe9d87cfcc910da71df0cc7e73c3a727beea52a6304faade9c343289c3fedd5a5c948df17a5943cff9dce32b3ecef1b15a6ed91ae3384fd5
SSDEEP

3072:pIfpNI2MBr1cvF5w0BOjS+rzkpqkPMstnZ3M4ABGOQdvaL9U1fvPrZtzoLvDuqJ2:tvDuqJffLxVSgE29xxspm0niivuz3bXk

Score

7^/10

Malware Config

Targets

- Target
  
  python-mysqldb-2.4.tar.gz
- Size
  
  130KB
- MD5
  
  935d7aa15b51e425233a8026a161d7ac
- SHA1
  
  3c78274c799d5e9bf2cc19ccf61cd6cc784a2b70
- SHA256
  
  a4fcf33920d72da4ddab4987526feb5e9671935e2265ced20d4ac795c2c8a2cb
- SHA512
  
  b067d886bec866cefe9d87cfcc910da71df0cc7e73c3a727beea52a6304faade9c343289c3fedd5a5c948df17a5943cff9dce32b3ecef1b15a6ed91ae3384fd5
- SSDEEP
  
  3072:pIfpNI2MBr1cvF5w0BOjS+rzkpqkPMstnZ3M4ABGOQdvaL9U1fvPrZtzoLvDuqJ2:tvDuqJffLxVSgE29xxspm0niivuz3bXk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2