43c3b3e0e23d878f1223515a5a68a3c186e6a65ae3021e358865f3e0a9559544 | Triage

Sharing

General

Target

a6b3e5fbf63dbd4b38610fd3ff8185d7.bin
Size

184KB
Sample

240615-cqxfvszcnm
MD5

a6b3e5fbf63dbd4b38610fd3ff8185d7
SHA1

a21fc2631a62895054ef80d98e748e41c5c30f0a
SHA256

43c3b3e0e23d878f1223515a5a68a3c186e6a65ae3021e358865f3e0a9559544
SHA512

d5e7f067945c905d43ba3268d2d9c0c634f49785943b90b47f0f34934aa3f0007f69e59bcf50cc67b012963db3a03c22d0dfe10d78d755040c5fd4a46708ddde
SSDEEP

3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3A:/7BSH8zUB+nGESaaRvoB7FJNndnB

Score

8^/10

execution

Malware Config

Targets

- Target
  
  a6b3e5fbf63dbd4b38610fd3ff8185d7.bin
- Size
  
  184KB
- MD5
  
  a6b3e5fbf63dbd4b38610fd3ff8185d7
- SHA1
  
  a21fc2631a62895054ef80d98e748e41c5c30f0a
- SHA256
  
  43c3b3e0e23d878f1223515a5a68a3c186e6a65ae3021e358865f3e0a9559544
- SHA512
  
  d5e7f067945c905d43ba3268d2d9c0c634f49785943b90b47f0f34934aa3f0007f69e59bcf50cc67b012963db3a03c22d0dfe10d78d755040c5fd4a46708ddde
- SSDEEP
  
  3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO3A:/7BSH8zUB+nGESaaRvoB7FJNndnB
Score

8^/10

execution
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2