fe2a9057323a5a5d47a4ab3cf9f4f9f86037b395c440da7bfb1e4164bc10abc3 | Triage

Sharing

General

Target

fe2a9057323a5a5d47a4ab3cf9f4f9f86037b395c440da7bfb1e4164bc10abc3
Size

37KB
Sample

220824-lgqrdscef3
MD5

b5930c6fbf0ecde4de2ba77415b97e18
SHA1

67cab99dc14822289f9b8d1f0fb0e9d73ff45825
SHA256

fe2a9057323a5a5d47a4ab3cf9f4f9f86037b395c440da7bfb1e4164bc10abc3
SHA512

63140881d7b03db395608b1fe095b0989aa2d87d017ae63eea34c8b3e04c3274ccc7ee31a4505c8334af1300844c4aec30a6a25dc692a34ec699b728a85620ea
SSDEEP

384:O9kt7+7uIb00ERLA6m8KXAX3H3JGm9bN1v5N9EJqgxWUrxMKQ4XyY:vNTIcI8tX9B55gqgxWFKQiH

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  fe2a9057323a5a5d47a4ab3cf9f4f9f86037b395c440da7bfb1e4164bc10abc3
- Size
  
  37KB
- MD5
  
  b5930c6fbf0ecde4de2ba77415b97e18
- SHA1
  
  67cab99dc14822289f9b8d1f0fb0e9d73ff45825
- SHA256
  
  fe2a9057323a5a5d47a4ab3cf9f4f9f86037b395c440da7bfb1e4164bc10abc3
- SHA512
  
  63140881d7b03db395608b1fe095b0989aa2d87d017ae63eea34c8b3e04c3274ccc7ee31a4505c8334af1300844c4aec30a6a25dc692a34ec699b728a85620ea
- SSDEEP
  
  384:O9kt7+7uIb00ERLA6m8KXAX3H3JGm9bN1v5N9EJqgxWUrxMKQ4XyY:vNTIcI8tX9B55gqgxWFKQiH
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1