3e4c7a58f43df5c4d178c906c0aa7af8f7313dd244bc844947989df4b3ff4e10 | Triage

Sharing

General

Target

3e4c7a58f43df5c4d178c906c0aa7af8f7313dd244bc844947989df4b3ff4e10
Size

93KB
Sample

221001-3esxeabgd7
MD5

044632b9a50c97acc9e74d3f5e1eb801
SHA1

e560d1275ea235741ef43628bbca7950316024fe
SHA256

3e4c7a58f43df5c4d178c906c0aa7af8f7313dd244bc844947989df4b3ff4e10
SHA512

4b1c022bb377d218a2a6f88e3e770b276d31685c61d2c95070bbfbe74963b64fd35d7bc6b22465ff8e5e2ce0f151b5db9d7f6352604ea0b2719567ae13606f9f
SSDEEP

1536:3tXEgfR+dxrrAPvCFghMO8zCThiztILprD1KdV:3tUgJoP6Cc8zEiztO16

Score

8^/10

Malware Config

Targets

- Target
  
  3e4c7a58f43df5c4d178c906c0aa7af8f7313dd244bc844947989df4b3ff4e10
- Size
  
  93KB
- MD5
  
  044632b9a50c97acc9e74d3f5e1eb801
- SHA1
  
  e560d1275ea235741ef43628bbca7950316024fe
- SHA256
  
  3e4c7a58f43df5c4d178c906c0aa7af8f7313dd244bc844947989df4b3ff4e10
- SHA512
  
  4b1c022bb377d218a2a6f88e3e770b276d31685c61d2c95070bbfbe74963b64fd35d7bc6b22465ff8e5e2ce0f151b5db9d7f6352604ea0b2719567ae13606f9f
- SSDEEP
  
  1536:3tXEgfR+dxrrAPvCFghMO8zCThiztILprD1KdV:3tUgJoP6Cc8zEiztO16
Score

8^/10
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2