General

  • Target

    b6be479e45ce3952c378a7488c7124eb94f32243d9e1e0a5d5b23a77a2d5fc55

  • Size

    3KB

  • Sample

    241113-qjgzgswjhk

  • MD5

    f6cb689bab0b98a974aba69ca1aa1224

  • SHA1

    c13655f1887c42ed3bc1b52268841979a0478930

  • SHA256

    b6be479e45ce3952c378a7488c7124eb94f32243d9e1e0a5d5b23a77a2d5fc55

  • SHA512

    68d183b4962a82bf7d4bb7829c56b0975c63aa2c5bdaa1af79f51e4f5db3bc270397a25e140e31fde97199ac82273b5214f2b9cdf0349acba50a0b28ae3bcb87

Score
8/10

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.
