7fd840f4f1f0732daa5fa3e244c8d62c797be9582ea141e464ee6a57a764a25d | Triage

Sharing

General

Target

7fd840f4f1f0732daa5fa3e244c8d62c797be9582ea141e464ee6a57a764a25d
Size

264KB
Sample

220919-h41ckahhbk
MD5

8a76938eac3960939b0d96caad0ca670
SHA1

51d1aa88fde35179946498085c25f46edd9962c3
SHA256

7fd840f4f1f0732daa5fa3e244c8d62c797be9582ea141e464ee6a57a764a25d
SHA512

94912e8bfaca344c52c953539e289d0758c5727c56b90270ec6e88b95124613b57f5880e010861998bc9574eb4b5299d2e5425a28ba4b6a99ab6bd491fad5d57
SSDEEP

3072:b1dlKwgj23+Oz05YoNozDv4Vh97i4Liu5Z611359z9pN7qJtt7KrbX4Zb8P8o1w5:b1dlZro5yDAV1iuLQ3tN7q1c8+PVB0Z

Score

8^/10

Malware Config

Targets

- Target
  
  7fd840f4f1f0732daa5fa3e244c8d62c797be9582ea141e464ee6a57a764a25d
- Size
  
  264KB
- MD5
  
  8a76938eac3960939b0d96caad0ca670
- SHA1
  
  51d1aa88fde35179946498085c25f46edd9962c3
- SHA256
  
  7fd840f4f1f0732daa5fa3e244c8d62c797be9582ea141e464ee6a57a764a25d
- SHA512
  
  94912e8bfaca344c52c953539e289d0758c5727c56b90270ec6e88b95124613b57f5880e010861998bc9574eb4b5299d2e5425a28ba4b6a99ab6bd491fad5d57
- SSDEEP
  
  3072:b1dlKwgj23+Oz05YoNozDv4Vh97i4Liu5Z611359z9pN7qJtt7KrbX4Zb8P8o1w5:b1dlZro5yDAV1iuLQ3tN7q1c8+PVB0Z
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2