67250d5e5cb42df505b278e53ae346e7573ba60a06c3daac7ec05f853100e61c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67250d5e5cb42df505b278e53ae346e7573ba60a06c3daac7ec05f853100e61c
Size

838B
Sample

240410-nqpa2aeb74
MD5

da87df500fc1a563028f7cdd56bc1ea3
SHA1

d8bcc355fd79d20fc95c69d6ef6d071cb522ca86
SHA256

67250d5e5cb42df505b278e53ae346e7573ba60a06c3daac7ec05f853100e61c
SHA512

ff6e263ed12c12c357a10e3e596de28436719f7380c16a1c7cc861eb77f7442222fa671a1522edd7c2946c4bf094b7650fffee7ca6a6004ad425e6f51f781376

Score

8^/10

Malware Config

Targets

- Target
  
  67250d5e5cb42df505b278e53ae346e7573ba60a06c3daac7ec05f853100e61c
- Size
  
  838B
- MD5
  
  da87df500fc1a563028f7cdd56bc1ea3
- SHA1
  
  d8bcc355fd79d20fc95c69d6ef6d071cb522ca86
- SHA256
  
  67250d5e5cb42df505b278e53ae346e7573ba60a06c3daac7ec05f853100e61c
- SHA512
  
  ff6e263ed12c12c357a10e3e596de28436719f7380c16a1c7cc861eb77f7442222fa671a1522edd7c2946c4bf094b7650fffee7ca6a6004ad425e6f51f781376
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2