aedf0fea2e47d087b9b987a0209bed0b7c7878174b18ababfb8d01cfc76f269e | Triage

Resubmissions

19/11/2024, 13:47

241119-q32g8s1pen 7

19/11/2024, 13:47

241119-q3kjqaxdrj 7

Sharing

General

Target

aedf0fea2e47d087b9b987a0209bed0b7c7878174b18ababfb8d01cfc76f269e
Size

948B
Sample

241119-q32g8s1pen
MD5

0879d4ade73bc83521fb8dc947cd3219
SHA1

304e8ad232651e6a0116744748dfa1b2587e5407
SHA256

aedf0fea2e47d087b9b987a0209bed0b7c7878174b18ababfb8d01cfc76f269e
SHA512

2c982d02b5b28bf71c68da088047c02c30b97739b7a56ebb4c2a41a2e33e965bcdd191f0684308d2d1bf9b7a992d29f16148a83219e6adb2d7f567ff89ea2501

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  aedf0fea2e47d087b9b987a0209bed0b7c7878174b18ababfb8d01cfc76f269e
- Size
  
  948B
- MD5
  
  0879d4ade73bc83521fb8dc947cd3219
- SHA1
  
  304e8ad232651e6a0116744748dfa1b2587e5407
- SHA256
  
  aedf0fea2e47d087b9b987a0209bed0b7c7878174b18ababfb8d01cfc76f269e
- SHA512
  
  2c982d02b5b28bf71c68da088047c02c30b97739b7a56ebb4c2a41a2e33e965bcdd191f0684308d2d1bf9b7a992d29f16148a83219e6adb2d7f567ff89ea2501
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Use of msiexec (install) with remote resource
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2