f10023ad1243012f90fb60f0a4b34f6ff470c1e198654979431b6c49c7c298b2 | Triage

Sharing

General

Target

f10023ad1243012f90fb60f0a4b34f6ff470c1e198654979431b6c49c7c298b2.zip
Size

14KB
Sample

240524-qp9lpafg93
MD5

30cb1fc167cf09870fac05be1b1dc07d
SHA1

0d837cdf9f3cdf55fd8ec199241e79d517680684
SHA256

f10023ad1243012f90fb60f0a4b34f6ff470c1e198654979431b6c49c7c298b2
SHA512

d0d7ede48b67836d2986a98a83e2f76dd0a7e91aa67f5b0bf1f9080b2e131b7e358f9e0691d535bac9fdb69faf312c5eadf7b42ae4a4c99cf1af123b52b101a3
SSDEEP

384:x4U1WsMMzsekFnIepQwMYcgV+jPBbb1uGbzR:x4yrNy1ewMvgklQGbzR

Score

8^/10

Malware Config

Targets

- Target
  
  V_273686.Lnk
- Size
  
  14KB
- MD5
  
  1dca9e98e575af3b1e2b90e59d75dc43
- SHA1
  
  16cc510d884cae94137a9fbf90c4d2c0f0c5d2f1
- SHA256
  
  a89872c21ac68096a76a60e5a13c77ddf79252c3097aea42865879c5b6d452f3
- SHA512
  
  abbe50c0e93d99fe2c12c0c6c33204b28deeecf038f6cf11f67ba6ce770e4b95a7c3c9562512747a8df607408f342a877514e4d1d1dfedc3a5d96d9953563129
- SSDEEP
  
  384:nhjOveahqUcUXmdw7o3m7Ylw0sBsHorbqaUA/d:pOvShUXm68m00e1DY
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2