12ce0b7b448132740cc24e522b99c52908b81bc4800eaffaf4a71c2eb025ad4c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

101d379bca340db452de52bcf868c31a
Size

1.4MB
Sample

231230-f93nrsghc5
MD5

101d379bca340db452de52bcf868c31a
SHA1

5426b3e018ed67d0f960c464050588ae25dfc82f
SHA256

12ce0b7b448132740cc24e522b99c52908b81bc4800eaffaf4a71c2eb025ad4c
SHA512

e45dd932bf7a4c1518c16a0323b01ff5af9255a08464a45e8f7f843ba77fc6d5fa3ac730adf0e7b2ac82561a1a6c298ca15cae00ec6c89f68b6cf561a3b56849
SSDEEP

24576:u+fl7W4CtMfYYobkwgVV0W8vsN2a9vBnhUzw8Tm426kvEPJSknr5a79Pag9jQbWM:dxjfsmsW80992Em2/0Ic564OkbWMZJ

Score

7^/10

Malware Config

Targets

- Target
  
  101d379bca340db452de52bcf868c31a
- Size
  
  1.4MB
- MD5
  
  101d379bca340db452de52bcf868c31a
- SHA1
  
  5426b3e018ed67d0f960c464050588ae25dfc82f
- SHA256
  
  12ce0b7b448132740cc24e522b99c52908b81bc4800eaffaf4a71c2eb025ad4c
- SHA512
  
  e45dd932bf7a4c1518c16a0323b01ff5af9255a08464a45e8f7f843ba77fc6d5fa3ac730adf0e7b2ac82561a1a6c298ca15cae00ec6c89f68b6cf561a3b56849
- SSDEEP
  
  24576:u+fl7W4CtMfYYobkwgVV0W8vsN2a9vBnhUzw8Tm426kvEPJSknr5a79Pag9jQbWM:dxjfsmsW80992Em2/0Ic564OkbWMZJ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2