18f24841651461bd84a5eac08be9bce9eab54b133b0e837d5298dac44e199d5f | Triage

Sharing

General

Target

18f24841651461bd84a5eac08be9bce9eab54b133b0e837d5298dac44e199d5f
Size

1.4MB
Sample

240410-ltgz1sec5z
MD5

28267ea322e3975f1e98c64a1c77f509
SHA1

e1d92e085df142d703ed9fd9c65ed92562a759fa
SHA256

18f24841651461bd84a5eac08be9bce9eab54b133b0e837d5298dac44e199d5f
SHA512

2c0bd061a51e48c057fdd0b05dc959c48e79ef3df3ca1abec105b8be2aa53f416f92c109c23029a11d4d3e7e75529215877d41b5bfe5d462d844b3bae29c1a42
SSDEEP

24576:bSOCJ+Kt7ADfN0l6GMwF5fdn17nlz/Nz/9z/8z/Uz/Nz/Oz/aVuADDePddFkEPSr:JtTGIwloSpeQiMcRc/s+kobXnz/q/xnQ

Score

8^/10

Malware Config

Targets

- Target
  
  18f24841651461bd84a5eac08be9bce9eab54b133b0e837d5298dac44e199d5f
- Size
  
  1.4MB
- MD5
  
  28267ea322e3975f1e98c64a1c77f509
- SHA1
  
  e1d92e085df142d703ed9fd9c65ed92562a759fa
- SHA256
  
  18f24841651461bd84a5eac08be9bce9eab54b133b0e837d5298dac44e199d5f
- SHA512
  
  2c0bd061a51e48c057fdd0b05dc959c48e79ef3df3ca1abec105b8be2aa53f416f92c109c23029a11d4d3e7e75529215877d41b5bfe5d462d844b3bae29c1a42
- SSDEEP
  
  24576:bSOCJ+Kt7ADfN0l6GMwF5fdn17nlz/Nz/9z/8z/Uz/Nz/Oz/aVuADDePddFkEPSr:JtTGIwloSpeQiMcRc/s+kobXnz/q/xnQ
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2