e5f0efdb833e0b8ec06d88d13039ac9ab2b46a70a26a6c9c07868a79b8f11f62 | Triage

Resubmissions

21-04-2024 20:52

240421-zn1rtsbc83 7

19-04-2024 15:44

240419-s6n3esgb57 8

Sharing

General

Target

FA Installer.bat
Size

42KB
Sample

240421-zn1rtsbc83
MD5

ac48f9875234a4e5649d152672903198
SHA1

6795362296194a79770a385a1a81efa89c6fe203
SHA256

e5f0efdb833e0b8ec06d88d13039ac9ab2b46a70a26a6c9c07868a79b8f11f62
SHA512

b5a8cf484eca8afde45a78b6768970a3ccd9f4731f4f9a227ac22e02cb3c9c158c8221c136fef191ce9967b2b4bc8c7f4aa6a4310e04dc5e3e5b8b7fc712df44
SSDEEP

768:lnwnjP9zogqnrT9AHuhUcKhnuxGTBmF5p8yJVS5LTf+iA0:FI89nf9tUc+nuxGIFwyKhTf+r0

Score

7^/10

Malware Config

Targets

- Target
  
  FA Installer.bat
- Size
  
  42KB
- MD5
  
  ac48f9875234a4e5649d152672903198
- SHA1
  
  6795362296194a79770a385a1a81efa89c6fe203
- SHA256
  
  e5f0efdb833e0b8ec06d88d13039ac9ab2b46a70a26a6c9c07868a79b8f11f62
- SHA512
  
  b5a8cf484eca8afde45a78b6768970a3ccd9f4731f4f9a227ac22e02cb3c9c158c8221c136fef191ce9967b2b4bc8c7f4aa6a4310e04dc5e3e5b8b7fc712df44
- SSDEEP
  
  768:lnwnjP9zogqnrT9AHuhUcKhnuxGTBmF5p8yJVS5LTf+iA0:FI89nf9tUc+nuxGIFwyKhTf+r0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2