511dc76c85bfb8e51a8064aa36cea5294b32c40985c30eb2b940f8bf08a0644f | Triage

Sharing

General

Target

305bf697e89e6eef59b0beef2b273a1daad174ebec238a67a6e80c5df5fffaf8.zip
Size

32KB
Sample

240424-ef5etsef59
MD5

44e8fb2f27f3f66654d63ac6340f2b16
SHA1

e36cd352eb3bf6d7b054eb0086fdf9cf865b625d
SHA256

511dc76c85bfb8e51a8064aa36cea5294b32c40985c30eb2b940f8bf08a0644f
SHA512

084194c8fd5a07151bb206a00d3f90ae3ef6b1dfd6dec02825061af6ff3a22185dfc8fd85368f0684e76cdffe5391bd8011cb7c285c591e5e65c77c854cdb138
SSDEEP

768:g0hpncBVQBypNetZqW2w40mY50u7NxxaKw/CFLmc2kPWPBxou:g0DnsQQ/etZqFncJxhw/CFLm8tu

Score

8^/10

Malware Config

Targets

- Target
  
  305bf697e89e6eef59b0beef2b273a1daad174ebec238a67a6e80c5df5fffaf8
- Size
  
  73KB
- MD5
  
  895ee3f2e0558873611f58c50200946f
- SHA1
  
  849030d4496209542fd02e52c2a180d763705755
- SHA256
  
  305bf697e89e6eef59b0beef2b273a1daad174ebec238a67a6e80c5df5fffaf8
- SHA512
  
  5738259687452334c22ba532e3dcd441c156ba8c87ca4e91a15d2b294bd6ac26b0bc07d4a42b4ef01bbcf886951d1a350bb9b6b298ad089faef266a4444a4fd9
- SSDEEP
  
  768:KzGOeG/Nvx8XxydOVsTY5pi37n5wMhRSuDth24/kdikQlRpaU+eh9qVNV+UboV4Z:scyNvaXp6IN+QVFi1G
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2